#fannybmp — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #fannybmp, aggregated by home.social.
-
EquationGroup is most likely the most fascinating thing I have ever learned about in my entire life. And all the interesting malware samples, tools, research and papers about them by others are just mindblowing. Vault8 is something interesting as well; I should pick up some reversing on this topic as well, later on! Especially eqgrp (that is, not only reversing, since it's been open for quite a while now) but the tools and links etc., to what it could be (more than just a toolkit of malware and stuff).
Fanny.bmp I know is DementiaWheel (as Stuxnet is called OlympicGames; I could be wrong here though, cuz I just woke up).
I will also re-make some of the tools just... for fun? Could be a nice challenge. Most of it is Python and others, so I thought, why *not* port it to C? As I have done with my 2 reverse shells, actually; they were Python3 at first, 2 Jupyter notebooks!
-
This happened quite a while ago but is still worth sharing (at least, for those who want to learn about it).
I will assume the reader of this post knows about Stuxnet, but not fanny.bmp (Stuxnet is, *extremely simplified*, a malware that affected power plants. Yes.)
(Fannybmp is *most likely* related to Stuxnet since it's kind of the same but with *the destruction* part removed; it was mostly made (by someone or some*thing*) probably to gather intel before Stuxnet would uh.. begin its work.)
I made a module (now in Rapid7's Metasploit repo) to detect fanny.bmp.
Why I share this is because many talk about Stuxnet, EquationGroup, eqgrp, etc., but none even mention fanny.bmp (not to the extent I would want, at least).
Basically, as a malware researcher I want as many people as possible to know about this, because fanny.bmp, like Stuxnet, might not be "active today" but it still 'would work' on outdated machines. Which is reason enough to share this! :)
I have a todo list to make improvements and to re-write the report about fanny.bmp (a report I did in a hurry before making the actual module), so it's a bit bad because it was written in a hurry.
If you use Kali Linux and do not have the module (despite the fact that you should), here is the link!
- https://securelist.com/a-fanny-equation-i-am-your-father-stuxnet/68787/
Have a nice day, current reader! :tuturu:
#equationgroup #eqgrp #stuxnet #fannybmp #kali_linux #rapid7