Benoit ANCELinCSIS TechBlogChapter 1 — From Gozi to ISFB: The history of a mythical malware family.Illustrating ISFBs journey from the early start over the leak of Gozi 1 to their recent mutation into LDR4 and its relations to other…26 min read·Oct 24, 2022----
Benoit ANCELinCSIS TechBlogAn inside view of domain anonymization as-a-service — the BraZZZerSFF infrastructureOne, if not the main, challenge with producing good intelligence is to have access to the right information at the right moment. The right…15 min read·Aug 8, 2022----
Benoit ANCELinCSIS TechBlogThe Nemty affiliate modelAlmost a year after the end of the operations of Nemty ransomware, we are going to try here to present some internal details of their…6 min read·Jan 25, 2021--1--1
Benoit ANCELinCSIS TechBlogGCleaner, Garbage provider since 2019How malware actually ends up on millions of endpoints6 min read·Jan 18, 2021----
Benoit ANCELinCSIS TechBlogThe end of Dreambot? Obituary for a loved piece of GoziDreambot seems to finally be out of service after +6 years of activity. The back-end servers of the botnet are down for a few weeks now…21 min read·May 1, 2020----
Benoit ANCELinCSIS TechBlogInstallCapital — When AdWare Becomes Pay-per-Install Cyber-Crime.Traffic exchange is probably one of the oldest types of grey-hat business on the Internet. Different companies compete to buy or resell…8 min read·Feb 7, 2020----