Story-driven and technical breakdowns of the world’s most fascinating malware

Joined April 2025
CVE? CVSS? Mitigations? Cybersecurity terms can be overwhelming, especially for a newbie. In this article, @Dhanush_Nehru helps you to unlock the mystery behind some of these buzzwords in vulnerability management, and breaks them down for you to understand them better. #cybersecurity #vulnerability #cve #cvss themalwarefiles.com/the-no-n…
SikoMode is a Nim-compiled infostealer that checks for a C2 connection the moment it runs. No connection, and it quietly wipes itself from disk, leaving no trace. If it does connect, it reads a JPEG off the desktop, encrypts it with RC4 using a key pulled from a separate file, and exfiltrates it. In this writeup, Sagar Joshi walks through the full analysis in IDA and x64dbg to show exactly how this beautiful nightmare pulls this off. #MalwareAnalysis #PMAT #CyberSecurity #ReverseEngineering #InfoSec medium.com/the-malware-files…
Happy Friday
Only the initiated would understand
In the world of Android cybersecurity, static analysis gets a lot of red flags letting you know an app is malicious. But what if the app is literally clean until it's opened? In this piece, Ruslan Mirzayev explains the role of the Reflection API, and how this tool has unfortunately been used in some of the worst ways possible, and how to defend yourself against it (hopefully). #android #malware #reflection #api #google medium.com/the-malware-files…
Commercial spyware and surveillance have been on the rise lately. From NSO's Pegasus to Sherlock's Candiru, the race is just getting started that legally puts cyberweapons in the hands of anyone with enough money to buy them. In this post, @bevijaygupta opens up the market of these paid cyberweapons, and gives a tour through the lens of India, including its impact on the Subcontinent. #spyware #malware #india #law #pegasus themalwarefiles.com/the-rise…
SVCStealer is an infostealer that targets Windows users, and collects credentials, crypto wallets, messaging data and even takes screenshots. In this analysis, mapol takes you through what makes this malware tick, and even tips on protecting yourself. #svcstealer #malware #cybercrime #infostealer #cybersecurity medium.com/the-malware-files…
Android malware remains one of the most fascinating things in cybersecurity, and Ruslan Mirzayev knows it. In this piece, he shows why it's important for malware analysts to peek into threads, as they tend to hold unwanted surprises. #android #malware #threads #cybercrime #cybersecurity medium.com/the-malware-files…
A ransomware attack is one of the most frightening things that can happen to any person, business or even nation. But why? In this article, @Dhanush_Nehru gives you the basic rundown of how one works, and even a trip back in time to one of the most devastating: WannaCry. #ransomware #cybercrime #wannacry #malware #cybersecurity themalwarefiles.com/why-rans…
When it comes to cybersecurity, early detection means early mitigation. And sometimes one tool isn't enough. In this tutorial, @Nanaaisha_1 shows you how to integrate Wazuh, VirusTotal and Slack to make a comprehensive system that allows your SOC to be one step ahead of the very threats that target your system. #wazuh #virustotal #slack #SOC #cybersecurity medium.com/@nanaaisha1030/wa…
Intents are key to how applications interact with Android and its services. But what if they are misused for malicious purposes? In this piece, Ruslan Mirzayev shows you how something intended (no pun intended) for good, could be used for data theft and breaches. #android #google #cybersecurity #androidintents #cybercrime #malware medium.com/the-malware-files…
Broadcasts are a neat trick in Android that carry out actions based on events. But sometimes, these broadcasts can be abused by malware. In this article, Ruslan Mirzayev shows the various ways they can be abused, and how to protect your phone. #cybersecurity #android #google #malware #broadcasts medium.com/the-malware-files…
Maybe we're overthinking it...maybe #chatgpt #openai #caricature #data
Modern malware uses an array of techniques to make it harder to detect, and consequently harder to defend against. One of these is a Domain Generation Algorithm. In this article, @neginipun gives you the gist of this technique, and how to defend against it. A great one if you're a defender (or malware author in training 🤫) #SecurityResearch #MalwareAnalysis #CyberSecurity #ThreatDetection #InfoSec medium.com/the-malware-files…
We've all heard that viruses and spyware can infiltrate Google's Android. But have you actually considered how that works? In this piece, Ruslan Mirzayev peels back the layers of your average Android application, and shows you what, where, and how malware authors write their malicious code to do the most damage. #Android #Malware #CyberSecurity #MobileSecurity #ReverseEngineering themalwarefiles.com/dissecti…