Posts by malwaretech@infosec.exchange
 (DIR) Post #Aw2Iqp47zn2lkL2ZDE by malwaretech@infosec.exchange
       2025-07-11T21:04:10Z
       
       1 likes, 0 repeats
       
       Still one of my most unnecessary projects. My apartment complex wouldn't let people have more than 1 garage fob per resident. So, I reverse engineered mine, bought some cheap fobs on Amazon, then wrote custom firmware for them that imitates my apartment fob.
       
 (DIR) Post #Aw4Qq13Z7Fq4ayp7HU by malwaretech@infosec.exchange
       2025-02-09T06:15:39Z
       
       1 likes, 1 repeats
       
       Oh man, I have so many stories about the "startup" (Path Network), which the 19-year-old DOGE employee, Edward Coristine previously worked for.
       
       https://www.wired.com/story/edward-coristine-tesla-sexy-path-networks-doge/
       
       My first interaction with the founder, Marshal Webb, was in 2016 when the company was called "BackConnect". I'd recently posted a research paper on the Mirai botnet, which led to him harassing me online, simply because he considered himself to be the sole authority on Mirai.
       
       It later turned out that a lot of his knowledge came from the fact that he was personally hosting the threat actors' infrastructure, therefore had direct insight into the botnet. He tried to play it off as an "intelligence gathering operation". Everyone knew he was really just in bed with the threat actors, but nobody could prove it enough to make a case against him.
       
       At some point shortly after, a DDoS-for-hire service got hacked and its entire customer database along with all DDoS attack logs was leaked online. One of the records traced back to an employee of his DDoS mitigation firm, and from a combination of attack logs and corroboration with customers, it was determined that they had been launching DDoS attacks against businesses, then cold calling them to sell DDoS protection services.
       
       It was fairly apparent from the fact the emails coincided with the DDoS attacks, but did not originate from the employee performing the attacks, that the company was in on it, and this wasn't the work of some rogue employee. Nevertheless, said employee got thrown under the bus, convicted, and was unsuccessful in proving that his employer was in on the conspiracy, although they most certainly were.
       
       Eventually, the founder ended up being named in some kind of criminal complaint or other FBI related court document. The specific wording seemed to imply that he'd gotten caught doing something illegal enough that he'd become an informant to save himself. Amusingly, when the document surfaced, the company just issued a press release about how they were "helping the FBI stop crime" and nothing became of it.
       
       The company has always been shady as hell, and while it's not abnormal for cybersecurity firms to hire reformed hackers, I've not seen a single employee who was not directly involved in cybercrime immediately prior to getting hired. Furthermore, multiple of the employees have been caught committing cybercrime while working for the company.
       
       Originally, when I posted this thread on February 6th, I stopped short of any allegation that Edward himself was involved in cybercrime. Since then @briankrebs was able to trace his aliases back to a known cybercrime organization and confirm he indeed was directly involved in cybercrime as recently as May 2024. You can find Brian's Mastodon thread on the matter here:
       
       https://infosec.exchange/@briankrebs/113965646509637016
       https://infosec.exchange/@briankrebs/113957683483583881
       
 (DIR) Post #Aw8bsLXgZ1seFOVEo4 by malwaretech@infosec.exchange
       2025-07-14T21:27:13Z
       
       0 likes, 1 repeats
       
       Added a new free malware reverse engineering lab 'Command And Control 1' which serves as an introduction to working with malware that communicates with C2 infrastructure. https://malwaretech.com/labs/c2/command-and-control-1
       
 (DIR) Post #AwAcN8hWkJhXiKi27c by malwaretech@infosec.exchange
       2025-07-15T21:34:02Z
       
       0 likes, 0 repeats
       
       We’re all just trying to find the person whose fur clogged the Roomba for the 3rd time this week
       
 (DIR) Post #AwQvxSKrjnnjDjASC8 by malwaretech@infosec.exchange
       2025-07-23T18:13:16Z
       
       3 likes, 5 repeats
       
       Being in tech and having a single modicum of critical thinking is just screaming "this isn't what LLMs are designed for" over and over. Meanwhile people are shoving a bunch of word predictors into critical decision making processes because a glorified used car salesman told them it would fix all their problems.
       
 (DIR) Post #AwWP5cxM0Dy4wDDbHc by malwaretech@infosec.exchange
       2025-07-26T04:47:20Z
       
       0 likes, 0 repeats
       
       Not really buying this claim from Tea. I'm not aware of any laws which require platforms to retain raw identification documents, especially not for "cyberbullying prevention". Some laws require retention of user metadata like IP addresses, but retaining photos of government IDs used for ID verification is just plain reckless.
       
 (DIR) Post #AwjRutAkOFVkxnLsH2 by malwaretech@infosec.exchange
       2025-08-01T16:34:02Z
       
       1 likes, 0 repeats
       
       It's wild that Apple was the only major big tech company to not drink the AI kool aid, and now they're being forced to because every dipshit analyst is like "well the earnings are really good but we're concerned about the lack of AI". How are these people real 😭
       
 (DIR) Post #AwpEwoHrOKNnw41Yqe by malwaretech@infosec.exchange
       2025-08-04T08:32:58Z
       
       0 likes, 0 repeats
       
       Every Reason Why I Hate AI and You Should Too https://malwaretech.com/2025/08/every-reason-why-i-hate-ai.html?a=1
       
 (DIR) Post #Ayfs7SDOn5VkXnurnU by malwaretech@infosec.exchange
       2025-09-28T15:12:06Z
       
       1 likes, 1 repeats
       
       Wait, so AI companies are struggling to raise enough funding to build datacenters for their unproven technology. And to solve this, Nvidia is just handing out cash on the condition that those companies buy their GPUs, which is being spun as Nvidia building a walled garden? That kind of sounds like someone combined the Subprime Mortgage Crisis with a Ponzi Scheme. https://www.theinformation.com/articles/jensen-huang-using-nvidia-cash-rule-ai-economy
       
 (DIR) Post #AzJ8SQmAVr7Gaqdnwe by malwaretech@infosec.exchange
       2025-10-17T15:03:38Z
       
       2 likes, 4 repeats
       
       You know how billionaires end up with severe cognitive deficits as a result of becoming surrounded by yes men who constantly tell them their every idea is genius? What if we made a bot that just does that to everyone. I think that would be great.
       
 (DIR) Post #AzYRZ0eIrYs05cDAZ6 by malwaretech@infosec.exchange
       2025-10-25T01:45:39Z
       
       0 likes, 0 repeats
       
       Absolutely incredible stuff coming out of Bozo The Clown School of Economics.
       1. Convince everyone you're going to fix the economy by slapping tariffs on everything.
       2. Tell Americans that other countries will pay the tariffs, even though tariffs are paid by importers (you).
       3. Americans get mad when beef prices go up because as it turns out, importers do in fact pay the tariffs.
       4. That's ok, the tariffs were really about rewarding companies who produce goods locally, so at least the American farmers are happy.
       5. Wait, never mind. Other countries have started importing beef from elsewhere because US beef is too expensive now.
       7. Don't worry though, it's all part of the plan. We will fix this by simply giving $20 billion dollars of taxpayer money to Argentina.
       8. Ok, that didn't seem to have worked. Maybe if we announce we're going to give them $40 billion dollars instead?
       9. Hmmm, bailing out Argentina doesn't seem to have fixed the US economy.
       10. Lower Argentina's beef import tax rate to less than it was before you got into office, costing US farmers even more money.
       11. Somehow all of this is actually good and part of a completely sane economic policy, I'm just too dumb to understand the grand plan. MAGA - Make Argentina Great Again?
       
 (DIR) Post #Azk3BsEU1G5BSAF6Om by malwaretech@infosec.exchange
       2025-10-30T16:27:51Z
       
       2 likes, 0 repeats
       
       Watch OpenAI go public and just follow Tesla's business model (convincing retail investors to shovel their money into a fire while announcing "AGI is coming next year" every year forever).
       
 (DIR) Post #B0CDTEFGE9EWMfyYdM by malwaretech@infosec.exchange
       2025-11-13T07:36:28Z
       
       1 likes, 1 repeats
       
       This post from the President of Windows basically reads like someone trained an LLM on those SF billboards that just say incomprehensible nonsense.
       
 (DIR) Post #B0RdEnXMfVxaZOmQd6 by malwaretech@infosec.exchange
       2025-11-20T17:48:01Z
       
       0 likes, 1 repeats
       
       It always makes me chuckle how occasionally you'll run into beginners who say stuff like "real hackers use Linux". Real hackers aren't constrained by operating system choice. In fact, half the fun is running into that weird edge case where you end up having to code your own OS for some hyper-specific task.
       
 (DIR) Post #B0iTuEfkHIVgq117UO by malwaretech@infosec.exchange
       2025-11-28T20:20:29Z
       
       2 likes, 0 repeats
       
       Here's an easy way to understand the US "hacking back" / Offensive cyber operations proposal: You lose the keys to your house down the back of the couch. It would be very time consuming to try and dig them out, but buying new locks would cost money.
       
       The least expensive option is to simply remove the entire front door, which your family approves of. This would leave more money to gamble in the slot machine (some guy who says he is 100% definitely not the owner of the slot machine has told you that if you put in enough money, you will receive a return on your investment).
       
       After voting to remove the front door, someone walks into your house and steals your TV. Having to buy a new door, new locks, and new TV would cut into the slot machine fund. Which is unacceptable.
       
       You decide the most cost efficient option is to track down every thief in the world and punch them in the face. The family agrees that punching every thief in the face would certainly deter any further theft, and have absolutely no possible negative consequences at all.
       
       The not slot machine guy has also offered to buy all your house's windows for $30, to help you recuperate some of the losses from your TV being stolen. You agree that this is indeed a good deal, and proceed to remove every window.
       
       One day you come home to find a 600 pound grizzly bear rooting around in your pantry eating all your food. You are completely perplexed. Despite your best efforts to secure your home against theft, people have still been walking in and taking whatever they want. However, a grizzly bear is new.
       
       You consult with the not slot machine guy, who has recently used all his not slot machine money to buy up every local hospital. You are concerned that the punching everyone in the face policy does not appear to have affected theft rates. Also, this policy was designed for humans, not bears.
       
       The not slot machine guy reassures you that this is the best way. He tells you that you just aren't punching people hard enough. He also says that there is no reason why the same policy couldn't also be applied to bears. He sells you some punching classes for $5 trillion dollars and sends you on your way.
       
       With your new found punching skills, you are now ready to fight the bear. You return home to find out that all of the local bears have learned that your pantry is a great place to get food. There is now an entire group of them. That is ok though, you've been training for this.
       
 (DIR) Post #B19UBDls7yuoEYtrfM by malwaretech@infosec.exchange
       2025-12-11T19:59:28Z
       
       0 likes, 0 repeats
       
       Is it me or are major internet platform outages getting more frequent? I used to instinctively reboot my router, now I just assume it's the platform. GitHub broke for me this morning, now LinkedIn is offline. Reddit and Twitter feel like they go down twice a week. Meanwhile all these companies are bragging about layoffs because they've "become more efficient with AI". Like, dawg, you can't even keep your website online.
       
 (DIR) Post #B1HPYOi6g1AkJd3B9k by malwaretech@infosec.exchange
       2025-12-15T17:38:26Z
       
       1 likes, 0 repeats
       
       The tariffs certainly appear to be working. American companies are no longer importing goods from China. Instead, they're becoming Chinese companies and producing goods domestically.
       
 (DIR) Post #B1grfcGIc56KVa1jnM by malwaretech@infosec.exchange
       2025-12-27T18:08:11Z
       
       1 likes, 1 repeats
       
       One concern about the AI bubble that I've not yet seen discussed is how many All-In podcasts it's going to create. Every time one of these AI companies is bought or IPOs, it creates like 10 new billionaires who will start a podcast where they pass their single brain cell around a table and influence people on issues they know nothing about.
       
       Remember when David Sacks and Jason Calacanis got together with Elon Musk and tried to sabotage Ukraine's defense because they convinced themselves that angering Russia would lead to a nuclear war? Now imagine there's 400 of them. At this rate the entire media sphere will just be midwit billionaires with podcasts.
       
 (DIR) Post #B2Ug5qFo87wMfyOmOG by malwaretech@infosec.exchange
       2026-01-20T23:38:11Z
       
       1 likes, 1 repeats
       
       Since the decline of peer-to-peer botnets it's been difficult to track malware infections externally. But smart contract based C2 infrastructure provided us with unique insights into this campaign. https://expel.com/blog/clearfake-new-lotl-techniques/
       
 (DIR) Post #B2wLnWs8bx9M0nk2oy by malwaretech@infosec.exchange
       2026-02-03T05:01:56Z
       
       1 likes, 1 repeats
       
       I can’t believe we’re doing this again. It’s just a bot that generates the text you ask it for. If you put it in charge of critical decisions, it will kill people. Not because it’s secretly evil, but because it’s a word generator. It’s like putting your toaster in charge of air traffic control.