Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for October 22nd, 2007

Now where’s Egg Shen?

leave a comment »

So I am watching (sorta) Chuck on NBC tonight and during the show, “Chuck Vs. The Sizzling Shrimp” when I swear I hear the name David Lo Pan So, I look up and nothing..I figure, ok I think I heard that. Cut to the next scene, a Chinatown bar being infiltrated by Chuck’s handlers after a Chinese agent and a firefight breaks out. The object of the Chinese agent’s fire? David Lo Pan! Turns out his name in the show is actually “Ben Lo Pan” Holy Big Trouble In Little China! I feel a screening of the special edition coming on…

Written by Krypt3ia

2007/10/22 at 20:36

Posted in Uncategorized

CIA mascots dept.

with one comment

HOLY WTF… WHAT ARE THEY THINKING?

THIS is the WORST logo I have ever been unfortunate enough to see! Who are these guys hiring? Geez…

Critics Calling New CIA Counterterrorism Logo a “Slam Dunk”

They make the terrorists black these days, eh?The CIA has inexplicably come up with a logo for the “Terrorist Buster,” some sort of imaginary Christian cheerleader representing the DCI Counterterrorist Center. Take a better look at the logo, realize that this is actually happening, and then continue reading. We’ll wait for you. [Pause]. Ready? THIS IS AN OFFICIAL GOVERNMENT LOGO?!

The logo is clearly inspired by that of the popular film, Ghostbusters (the one with the marshmallow monster thing):

There’s really nothing more to say about this, except that we hope Egon and that crazy loon Slimer sue the government for copyright infringement.

Written by Krypt3ia

2007/10/22 at 20:09

Posted in Uncategorized

CIA mascots dept.

with 4 comments

HOLY WTF… WHAT ARE THEY THINKING?

THIS is the WORST logo I have ever been unfortunate enough to see! Who are these guys hiring? Geez…

Critics Calling New CIA Counterterrorism Logo a “Slam Dunk”

They make the terrorists black these days, eh?The CIA has inexplicably come up with a logo for the “Terrorist Buster,” some sort of imaginary Christian cheerleader representing the DCI Counterterrorist Center. Take a better look at the logo, realize that this is actually happening, and then continue reading. We’ll wait for you. [Pause]. Ready? THIS IS AN OFFICIAL GOVERNMENT LOGO?!

The logo is clearly inspired by that of the popular film, Ghostbusters (the one with the marshmallow monster thing):

There’s really nothing more to say about this, except that we hope Egon and that crazy loon Slimer sue the government for copyright infringement.

Written by Krypt3ia

2007/10/22 at 20:09

Posted in Uncategorized

Storm Update: Fast Flux Networks

leave a comment »

Storm Worm is an interesting beastie…

Wednesday, September 05, 2007
Storm Worm’s Fast Flux Networks

Following my previous posts on “Storm Worm Malware Back in the Game” and “Storm Worm’s use of Dropped Domains”, here are some handy graphs of Storm Worm’s use of fast-flux networks generated during the last several hours, acting as great examples of how diverse malware C&C has become.

– bnably.com

Domain servers in listed order:
ns13.bnably.com
ns12.bnably.com
ns11.bnably.com
ns10.bnably.com
ns9.bnably.com
ns8.bnably.com
ns7.bnably.com
ns6.bnably.com
ns5.bnably.com
ns4.bnably.com
ns3.bnably.com
ns2.bnably.com

– wxtaste.com

Domain servers in listed order:
ns13.wxtaste.com
ns12.wxtaste.com
ns11.wxtaste.com
ns10.wxtaste.com
ns9.wxtaste.com
ns8.wxtaste.com
ns7.wxtaste.com
ns6.wxtaste.com
ns5.wxtaste.com
ns4.wxtaste.com
ns3.wxtaste.com
ns2.wxtaste.com

– snbane.com

Domain servers in listed order:
ns13.snbane.com
ns12.snbane.com
ns11.snbane.com
ns10.snbane.com
ns9.snbane.com
ns8.snbane.com
ns7.snbane.com
ns6.snbane.com
ns5.snbane.com
ns4.snbane.com
ns3.snbane.com
ns2.snbane.com

– tibeam.com

Domain servers in listed order:
ns13.tibeam.com
ns12.tibeam.com
ns11.tibeam.com
ns10.tibeam.com
ns9.tibeam.com
ns8.tibeam.com
ns7.tibeam.com
ns6.tibeam.com
ns5.tibeam.com
ns4.tibeam.com
ns3.tibeam.com
ns2.tibeam.com

– eqcorn.com

Domain servers in listed order:
ns10.eqcorn.com
ns11.eqcorn.com
ns12.eqcorn.com
ns13.eqcorn.com
ns2.eqcorn.com
ns3.eqcorn.com
ns4.eqcorn.com
ns5.eqcorn.com
ns6.eqcorn.com
ns7.eqcorn.com
ns8.eqcorn.com
ns9.eqcorn.com

The Honeynet Project & Research Alliance defines a fast-flux network as :

“Fast-flux service networks are a network of compromised computer systems with public DNS records that are constantly changing, in some cases every few minutes. These constantly changing architectures make it much more difficult to track down criminal activities and shut down their operations.”

In Storm Worm’s case, we have an example of fast-fluxing dropped domains, and if you research a little further, you’ll see that newly infected Storm Worm hosts shown in this particular moment of the fast-flux are already sending out spam.

Written by Krypt3ia

2007/10/22 at 13:07

Posted in Uncategorized