Peer-to-Peer Poisoning Attack against the Kelihos.C Botnet
Almost one year ago, CrowdStrike and some partners conducted a takeover operation against the Kelihos.B botnet, a peer-to-peer network of…
Free Community Tool: CrowdInspect
CrowdInspect is a free community tool for Microsoft Windows systems from CrowdStrike aimed to help alert you to the presence…
CrowdStrike Falcon Unveiled: The Power of The Platform
It’s been almost a year to the day since we announced the formation of CrowdStrike, a company totally focused on…
I/O You Own: Windows 8 Update
At SyScan 2012 last year, I debuted research on how to bypass the Operating System’s normal input/output (I/O) disk driver…
HTTP iframe Injecting Linux Rootkit
On Tuesday, November 13, 2012, a previously unknown Linux rootkit was posted to the Full Disclosure mailing list by an…
Unpacking Dynamically Allocated Code
Background Today, most malware is obfuscated to make it more difficult for traditional antivirus engines to detect the malicious…
FinSpy Mobile: iOS and Apple UDID leak
Last week, Morgan Marquis-Boire and Bill Marczak from The Citizen Lab published a fascinating glance at real-world mobile espionage tool…
Upcoming Black Hat USA 2012: Android 4.0.1 Exploitation
This February in the "Hacking Exposed: Mobile RATs" talk at the RSA conference, we released a demonstration of an end to end compromise…
Streamlining the Reverse Engineering Process with CrowdRE
Background As is commonly known in the industry, and as evident from recent high-profile malware samples such as Stuxnet and…
Join the Crowd!
Reversing complex software quickly is challenging due to the lack of professional tools that support collaborative analysis. The CrowdRE project…