SerHack - Developer and Security

SerHack

Developer - Security engineer

[email protected]

Blog

2018-09-04

MEGA Chrome Extension Hacked - Detailed Timelaps

On 4 September at 14:30 UTC, an unknown attacker managed to hack into MEGA's Google Chrome web store account and upload a malicious version 3.39.4 of an extension to the web store, according to a blog post published by the company.

2018-06-06

Deobfuscating and Understanding a Trojan JScript

Jscript Trojan

Over 50% of cyber attacks are executed through malware, whose job is to find a flaw to inject other types of viruses including malware, adware and much more. Knowing the computer remotely, it can spy on the screen and even crypt the files: a wrong click and you lose anything.

2018-05-16

Understanding Google Dorks and How Hackers Use Them

Search Engine Dorks

It is estimated that Google has downloaded more pages than any other search engine in the market. With over billions of pages and a relatively low execution time, the popular Californian search engine is able to satisfy all research, both for educational purposes and for purely curiosity purposes.

2018-04-18

Security research report: Hackers can take full control of online compilers through a common exploit

Security Shell injection

Online compilers are a handy tool to save time and resources for coders, and are freely available for a variety of programming languages. Since these online tools are essentially remote compilers with a web interface, I realized that I might be able to take remote control of the machines through command injection.

2018-03-06

Introduction to MoneroV and its Inherent Risks

Cryptocurrency Analysis

The "MoneroV" coin is an impending unofficial fork of the Monero blockchain with many "red flag" characteristics that have alarmed the Monero community. Many users are wondering: could the MoneroV fork be a scam project? This article discusses risks...

2018-02-20

How to crash the iPhone with a single Telugu character

Apple Analysis

In recent years, Apple has been heavily criticized for the security implications of their market centralization and policy of irreversible operating system updates. Mobile device users are strongly pressured to install packaged iOS upgrades that cannot be rolled back. While this practice greatly increases security for most users, there is an inherent danger to this centralization.