Denis Makrushin


23/04/18 |Research # , , , ,

Honeypots and the Internet of Things

According to Gartner, there are currently over 6 billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals. As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017.

The article is prepared jointly Vladimir KuskovMikhail KuzinYaroslav ShmelevIgor Grachev especially for

Continue reading

0 likes no responses
05/04/18 |Research # , , , ,

The cost of launching a DDoS attack


The article is prepared especially for

A distributed denial-of-service (DDoS) attack is one of the most popular tools in the cybercriminal arsenal. The motives behind such attacks can vary – from cyber-hooliganism to extortion. There have been cases where criminal groups have threatened their victims with a DDoS attack unless the latter paid 5 bitcoins (more than $5,000). Often, a DDoS attack is used to distract IT staff while another cybercrime such as data theft or malware injection is carried out.

Almost anyone can fall victim to a DDoS attack. They are relatively cheap and easy to organize, and can be highly effective if reliable protection is not in place. Based on analysis of the data obtained from open sources (for example, offers to organize DDoS attacks on Internet forums or in Tor), we managed to find out the current cost of a DDoS attack on the black market. We also established what exactly the cybercriminals behind DDoS attacks offer their customers.

Continue reading

0 likes no responses
09/01/17 |Research # , , , ,

Is Mirai Really as Black as It’s Being Painted?

Is Mirai Really as Black as It's Being Painted?

The Mirai botnet, which is made up of IoT devices and which was involved in DDoS attacks whose scale broke all possible records, causing denial of service across an entire region, has been extensively covered by the mass media. Given that the botnet’s source code has been made publicly available and that the Internet of Things trend is on the rise, no decline in IoT botnet activity should be expected in the near future.

Continue reading

0 likes no responses
09/11/16 |Blog # , , , , ,

IT threat evolution Q3 2016. Statistics

0 likes no responses
25/09/15 |Blog # , ,

The problems of heterogeneous means of protection


Any company regardless of the level of maturity possesses some valuable information which having got into the hands unscrupulous individuals can put an end not just to the financial future, but also to the whole business. Representatives of very small businesses may have quite considerable sums on their bank accounts, but they can seldom boast of their secure network of workstations. At best PC owners in the companies just install a demo version of an antivirus and a custom firewall. At worst they do not establish protection at all. Continue reading

0 likes 2 responses
15/10/14 |Blog # , , , ,

Кибернаемники и легальное вредоносное ПО

Данный материал подготовлен специально для блога Kaspersky Daily: (ru) (en)

Кибернаемники и легальное вредоносное ПО

Мы живем в интересное время — компьютеры и сети входят в нашу жизнь все глубже и глубже, причем происходит это с невероятной скоростью. Еще недавно они захватывали заводы и офисы, потом пробрались в кухни и гостиные. А сегодня немалой мощности компьютер с постоянным подключением к Сети лежит в кармане у каждого второго жителя планеты. И это не предел: на подходе эра Интернета вещей — в рамках данной концепции к Всемирной сети собираются подключить не то что каждый утюг, а едва ли не каждый гвоздь. Continue reading

0 likes no responses
26/06/14 |Research # , , , , ,

How I fought state-supported malware

A live story told by a virus analyst about research on RCS and Finspy

Narrated by: Sergey Golovanov. Growling recorded and translated by: Denis Makrushin.
Thanks to Kaspersky Lab for the translation of the original material in English.
It is always interesting to read hacker stories about tough guys breaking into systems and removing protection. If you think about it, the fight against malware (as well as writing quality malware) is also a hack, but the employees of antivirus companies are not very willing to talk about their activities. It is partly because a large percentage of viruses is complete garbage, and they are sorted out in semi-automatic mode. However, the newfangled malware issued by governments and law enforcement bodies is a totally different story. In this article you will learn that even seasoned experts sometimes require more than one case of beer and several cartons of cigarettes in order to understand malicious code written by equally experienced developers combined into one high-tech company in exactly the same way.

Continue reading

0 likes no responses
23/06/14 |Research # , , , , ,

Как я боролся с правительственной малварой

Живой рассказ вирусного аналитика об исследовании RCS и Finspy

Рассказывал: Сергей Голованов. Записывал и переводил с гроулинга: Денис Макрушин.
Как я боролся с правительственной малварой
Читать хак-стори про то, как крутые парни взламывают системы и снимают защиты, всегда интересно. Если подумать, то окажется, что борьба со зловредами (как и написание качественной малвары) – это тоже хак, но сотрудники антивирусных компаний не очень охотно рассказывают об этой своей деятельности. Отчасти потому, что большой процент вирусов – фигня полная, и побеждаются они в полуавтоматическом режиме. Впрочем, про новомодную правительственно-правоохранительную малвару этого не скажешь. Из этой статьи вы узнаете, что даже опытным экспертам иногда требуется не один ящик пива и не один блок сигарет для того, чтобы разобраться в злокоде, написанном такими же опытными и так же объединенными в одну высокотехнологичную компанию разработчиками.
0 likes no responses

Stored XSS almost in all home routers around us. From quite popular and outdated Netgear that allows to organize persistence even after restoring to factory settings, to recently released Keenetic Air. Playing with @kaato137 with the devices, we're worrying about rental property.


"These vulnerabilities could be exploited in the future to steal personal information, alter or erase memories or cause physical harm"
Future doesn't appear from nowhere: the "pain" begins with vulnerable environment (with current management platforms).

#Brainjacking, #Neurostimulation, #MemoryHacking – the keywords of our collaborative research with @Sqrrl101 from Oxford University Neurosurgery Group, we’ve presented at KLNext. In the photo I’m demonstrating the size of your brain after our talk. Report:

Recent Comments
- Sergey to Погружение в даркнет: Снифаем выходную ноду Tor и анализируем получившийся контент
лучше заходиииииииить через тор онлайн,...
- Denis Makrushin to The problems of heterogeneous means of protection
Of course!...
- K. Olbert to The problems of heterogeneous means of protection
Insightful diagram, Denis. Would you mind if I use it in a presentation, with credit, of course?...