tag:blogger.com,1999:blog-5365964245877416061.post2512687229132659001..comments2024-02-23T05:31:25.274+01:00Comments on XyliBox: Having a look on the KINS ToolkitSteven Khttp://www.blogger.com/profile/00282466473904820396noreply@blogger.comBlogger13125tag:blogger.com,1999:blog-5365964245877416061.post-31708826504664971162014-04-21T03:44:09.452+02:002014-04-21T03:44:09.452+02:00So... where to buy this soft?So... where to buy this soft?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-39595889958612029792013-10-20T19:07:36.113+02:002013-10-20T19:07:36.113+02:00I love reading your blogs, i learn alot frm your w...I love reading your blogs, i learn alot frm your works. Computer world is safe because of kool researchers like u. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-11755785551787198262013-10-19T07:20:36.647+02:002013-10-19T07:20:36.647+02:00As always awesome work brother!As always awesome work brother!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-68209580018718067892013-10-04T10:31:54.687+02:002013-10-04T10:31:54.687+02:00Sorry just got to ask. Whats the name of the artis...Sorry just got to ask. Whats the name of the artist/track playing in the second video? :)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-79581465262235579852013-10-02T16:55:23.429+02:002013-10-02T16:55:23.429+02:00Users in USSR countries will not be infected by KI...Users in USSR countries will not be infected by KINS[1] – a feature that was first introduced by Citadel in January 2012.<br /><br />real?Anonymoushttps://www.blogger.com/profile/12836875682057914233noreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-66675562002889752872013-10-01T15:11:50.693+02:002013-10-01T15:11:50.693+02:00K.I.N.S can't working with chrome x32/x64?K.I.N.S can't working with chrome x32/x64?Anonymoushttps://www.blogger.com/profile/12836875682057914233noreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-21487407745616748882013-10-01T12:52:00.754+02:002013-10-01T12:52:00.754+02:00Intresting analysis,
A new malware that have noth...Intresting analysis, <br />A new malware that have nothing new. combine best parts from top malwares trying to be a new king in malware world and all this was made by a phD in the name of scienceViRiihttp://virii.tknoreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-39179383359765665442013-09-30T17:16:44.088+02:002013-09-30T17:16:44.088+02:00the most common problem each vendor name there sam...the most common problem each vendor name there samples $random it's also for that their 'zeusVM' don't match with our 'PowerZeus'Steven Khttps://www.blogger.com/profile/00282466473904820396noreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-79017710148900095842013-09-30T16:52:46.716+02:002013-09-30T16:52:46.716+02:00The only difference here is that what we know as K...The only difference here is that what we know as KINS (i mean RSA and me) is actually Alureon...<br />And Fox-It identify it only as the Zeus component that comes with the whole-Kins..<br />I don't think that Fox-It were wrong classifying it as Zeus.. it's indeed almost 100% Zeus, but their report was not accurate in saying that it's only a zeus.<br />Why they think they know what kins is.. if everyone call what we analyzed kins..<br />Maybe there are 2 kins that are not related one to another..<br />It would be cool if a Fox-It guys can explain.Steven Khttps://www.blogger.com/profile/00282466473904820396noreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-24281636230923012582013-09-30T14:57:33.705+02:002013-09-30T14:57:33.705+02:00They said it was a ZeuS based kit and that it also...They said it was a ZeuS based kit and that it also features elements from SpyEye consistently saying it was a variant and not regular ZeuS so I still don't get the comments towards them.<br /><br />Though this is a far more in depth analysis and made me understand it much more :-)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-34433385342237151562013-09-30T14:37:57.627+02:002013-09-30T14:37:57.627+02:00Hi thanks,
Well, RSA was kinda wrong here too, tha...Hi thanks,<br />Well, RSA was kinda wrong here too, that's right.<br />The first blog entry of RSA states what appear on the seller page, therefore they didn't know anything about it.<br /><br />Although this is 99% a copy of a zeus.. KINS itself is a "modular" trojan based on Alureon.<br />And the 'Zeus' component is just a module which can be installed or not installed.<br />And even the Zeus itself it's not a regular Zeus like mentioned by Fox-it, but Zeus that was migrated to be a SpyEye module.Steven Khttps://www.blogger.com/profile/00282466473904820396noreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-30892066753672559212013-09-30T13:59:25.830+02:002013-09-30T13:59:25.830+02:00Very nice blog, enjoyed reading it.
However I do ...Very nice blog, enjoyed reading it.<br /><br />However I do not understand why, even though you state these types of things all over the article: 'And not like Citadel, KINS is almost 99% a "copy/past" of Zeus', you start the article of by saying that Fox it appears to not know what they're talking about... While their entire conclusion was that KINS is basically a ZeuS variant and not the insanely new banking threat RSA made it out to be.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5365964245877416061.post-35446496715242899302013-09-30T13:32:49.242+02:002013-09-30T13:32:49.242+02:00Awesome blog man!Awesome blog man!Anonymousnoreply@blogger.com