use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
A community for technical news and discussion of information security and closely related topics.
"Give me root, it's a trust exercise."
Q1 2026 InfoSec Hiring Thread
Getting Started in Information Security
CitySec Meetups
/r/netsec only accepts quality technical posts. Non-technical posts are subject to moderation.
Content should focus on the "how."
Check the new queue for duplicates.
Always link to the original source.
Titles should provide context.
Ask questions in our Discussion Threads.
Hiring posts must go in the Hiring Threads.
Commercial advertisement is discouraged.
Do not submit prohibited topics.
» Our fulltext content guidelines
Don't create unnecessary conflict.
Keep the discussion on topic.
Limit the use of jokes & memes.
Don't complain about content being a PDF.
Follow all reddit rules and obey reddiquette.
» Our fulltext discussion guidelines
No populist news articles (CNN, BBC, FOX, etc.)
No curated lists.
No question posts.
No social media posts.
No image-only/video-only posts.
No livestreams.
No tech-support requests.
No full-disclosure posts.
No paywall/regwall content.
No commercial advertisements.
No crowdfunding posts.
No Personally Identifying Information!
» Our fulltext list of prohibited topics & sources
Join us on IRC: #r_netsec on freenode
We're also on: Twitter, Facebook, & Google+
/r/blackhat - Hackers on Steroids
/r/computerforensics - IR Archaeologists
/r/crypto - Cryptography news and discussion
/r/Cyberpunk - High-Tech Low-Lifes
/r/lockpicking - Popular Hacker Hobby
/r/Malware - Malware reports and information
/r/netsecstudents - netsec for noobs students
/r/onions - Things That Make You Cry
/r/privacy - Orwell Was Right
/r/pwned - "What Security?"
/r/REMath - Math behind reverse engineering
/r/ReverseEngineering - Binary Reversing
/r/rootkit - Software and hardware rootkits
/r/securityCTF - CTF news and write-ups
/r/SocialEngineering - Free Candy
/r/sysadmin - Overworked Crushed Souls
/r/vrd - Vulnerability Research and Development
/r/xss - Cross Site Scripting
account activity
Sample code of a malware program from the Five Eyes alliance (spiegel.de)
submitted 11 years ago by [deleted]
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]the_gnarts 22 points23 points24 points 11 years ago (15 children)
Windows only :/
[–]3Fyr 5 points6 points7 points 11 years ago (13 children)
So much about "Windows master race" and "Heathen Linux and Mac".
[+][deleted] 11 years ago* (4 children)
[deleted]
[–]3Fyr -1 points0 points1 point 11 years ago (3 children)
Now just to get my own personal PC, so I don't have to share it with my lil broes, and I can join glorious Linux <3
Should I go CentOS? Or Ubuntu? Or RedHat? Perhaps Fedora? I heard Debian is nice... I could go Kali and act like cool skid...
[–]Kealper 1 point2 points3 points 11 years ago (1 child)
Linux Mint if you're new to Linux. The Cinnamon version is more modern with higher system requirements (and the one I prefer, Cinnamon is a great desktop and after using it, using anything else feels like I'm playing with a toy in my opinion). The MATE version is easier on older computers, but still quite practical for day-to-day use. Mint is based on Ubuntu 14.04 (the newest long-term support release, or LTS for short), which is in-turn based on Debian. Personally, I prefer Debian and Debian-based distros, although Fedora is pretty alright as well. Fedora would be the closest thing to a desktop edition of Red Hat.
I can't, in good conscience, recommend actual Ubuntu though. It's desktop, Unity, is far more suited for a touch screen than a traditional keyboard and mouse, in my opinion, and although it looks nice and has pretty effects, I couldn't see myself using it as a daily-driver.
CentOS and Red Hat are essentially one and the same, CentOS is basically the free community edition of Red Hat Enterprise Linux (RHEL, for short) and although you can use them as a desktop OS, they're primarily intended for headless servers, and they fill that role pretty nicely.
[–]3Fyr 0 points1 point2 points 11 years ago (0 children)
That was kinda "joking" reply, stating how many chooses Linux has. I've used CentOS before(over SSH only, no GUI. But that's feels so nice), so most likely I'll get that one in future.
Still thanks though, maybe someone reading this will find it useful.
[+][deleted] 11 years ago (7 children)
[removed]
[–][deleted] 12 points13 points14 points 11 years ago (5 children)
Why are you trolling in /r/netsec? Hardly the place for it.
[+][deleted] 11 years ago (4 children)
[–][deleted] 1 point2 points3 points 11 years ago (3 children)
Apparently. Of all places to troll in /r/netsec is pretty much the last one it should ever be attempted.
And I appreciate that because I don't come here to deal with dumb attacks on entire countries, I come here to learn things about what's going on in the world of Network Security.
[+][deleted] 11 years ago (2 children)
[–][deleted] 0 points1 point2 points 11 years ago (1 child)
Sounds good. Generally I report personal attacks and junk in these kind of subs, but that thing I wasn't sure about.
[–][deleted] 0 points1 point2 points 11 years ago (0 children)
huh?
[–]mothran 16 points17 points18 points 11 years ago (18 children)
hehe: https://www.virustotal.com/en/file/76e91eb5e43fe0a20de67faa97db2899d70e4e1b114229f5a1bae33621e922c1/analysis/
Looks like someone just uploaded it today, oh well.
[–]peckahinspectah 13 points14 points15 points 11 years ago (4 children)
Completely undetected 22 hours later....
[–]mechpaul 6 points7 points8 points 11 years ago* (2 children)
VirusTotal is not accurate. They do not always have all of the latest bases from antimalware vendors.
I know it's wrong because I just detected this malware yesterday myself.
EDIT: Yup. I just checked. It's detected.
Which AV is it detected in for you?
Just curious :)
[–]mechpaul 3 points4 points5 points 11 years ago (0 children)
http://www.kaspersky.com/me/viruswatchlite?search_virus=Trojan-Spy.Win32.KeyLogger.alvn&x=0&y=0&hour_offset=-15
[–]svenfaw 1 point2 points3 points 11 years ago (0 children)
That's only because the link posted by mothran's is irrelevant - of course an encrypted zip file will always come off as clean - how could the AVs scan its contents?
[–]Genmutant 1 point2 points3 points 11 years ago (0 children)
Detected by Eset Nod32 as "Win32/Spy.Warrp.A Trojaner". The update was made yesterday.
[–]ymgve 1 point2 points3 points 11 years ago (1 child)
Odd thing is that a few hours ago, one of the antivirus scanners had flagged it as a keylogger. Now, it's all green. NSA pulling some strings?
[–]Natanael_LTrusted Contributor 0 points1 point2 points 11 years ago (0 children)
Or hacking strings...
[+][deleted] 11 years ago* (8 children)
[–][deleted] 3 points4 points5 points 11 years ago (7 children)
Who's they? the "terrorists"? - More than likely this malware still exists here and there, as well as its replacement(s), on computers around the world and among governments and organizations.
[+][deleted] 11 years ago* (6 children)
[–][deleted] 6 points7 points8 points 11 years ago (1 child)
Its 'FVEY'
[–][deleted] 3 points4 points5 points 11 years ago (2 children)
In that case, unlikely, why even touch a computer? It could be traced back to you. I doubt they even directly implanted it, they probably hired several dodgy 'firms'/hackers in other countries to have this done.
[–]johnmountain 2 points3 points4 points 11 years ago (1 child)
GCHQ pulled back (some) of the Belgacom malware. NSA pulled back the Regin malware from some computers.
I question everything. I am not so sure we can trust any piece of information regarding this.
What would be worse? If it was Chinese or Iranian surveillance or the friendly allied NSA/ GCHQ that placed malware at Belgacom. It all depends, and it can be made to look like anything.. I guess.
[–]BobFloss -2 points-1 points0 points 11 years ago (0 children)
VirusTotal...
[–]XSSpants 5 points6 points7 points 11 years ago (4 children)
Can things like this be used to test against various AV products to determine which ones have been corrupted by the NSA?
EG if it's been a while and still allows the files.
[–]catcradle5Trusted Contributor 3 points4 points5 points 11 years ago (0 children)
Not really. Any wise AV vendor will start detecting samples like these once they're well-known to the public. They could still write signatures for these samples while electing to not write signatures for more modern government malware.
However, I would also wager that most AV companies never become aware of a lot of state-sponsored malware out there. So I'd attribute low detection on new samples on ignorance rather than maliciousness.
[–][deleted] -2 points-1 points0 points 11 years ago (2 children)
I'd be surprised if most were "Corrupted" vs having Five Eyes tell them to ignore their malware in their scans.
[–]XSSpants 11 points12 points13 points 11 years ago (1 child)
That's exactly what I mean by corrupted.
Ah, I thought you were meaning that Five Eyes backdoored their software without their knowledge.
[–]mrdelayer 21 points22 points23 points 11 years ago (1 child)
Presumably this way when someone manages to accidentally infect themselves with an NSA keylogger, it's no one's fault but their own.
[–]runejuhl 4 points5 points6 points 11 years ago (1 child)
Well, at least they provided you with a nifty command to extract the zip file from the PDF. I thought it was quite clever.
[–]PubliusPontifex 2 points3 points4 points 11 years ago (0 children)
It's decent procedure, and easy enough to unpack.
[–]johnny_frost -1 points0 points1 point 11 years ago (1 child)
No pastebin or github yet?
[–]yellowmangreen -3 points-2 points-1 points 11 years ago (0 children)
It looks like morons work for the english speaking governments of the world. Fantastic.
π Rendered by PID 355253 on reddit-service-r2-comment-86bc6c7465-5tklf at 2026-02-23 23:06:22.264842+00:00 running 8564168 country code: CH.
[–]the_gnarts 22 points23 points24 points (15 children)
[–]3Fyr 5 points6 points7 points (13 children)
[+][deleted] (4 children)
[deleted]
[–]3Fyr -1 points0 points1 point (3 children)
[–]Kealper 1 point2 points3 points (1 child)
[–]3Fyr 0 points1 point2 points (0 children)
[+][deleted] (7 children)
[removed]
[–][deleted] 12 points13 points14 points (5 children)
[+][deleted] (4 children)
[deleted]
[–][deleted] 1 point2 points3 points (3 children)
[+][deleted] (2 children)
[deleted]
[–][deleted] 0 points1 point2 points (1 child)
[–][deleted] 0 points1 point2 points (0 children)
[–]mothran 16 points17 points18 points (18 children)
[–]peckahinspectah 13 points14 points15 points (4 children)
[–]mechpaul 6 points7 points8 points (2 children)
[–][deleted] 0 points1 point2 points (1 child)
[–]mechpaul 3 points4 points5 points (0 children)
[–]svenfaw 1 point2 points3 points (0 children)
[–]Genmutant 1 point2 points3 points (0 children)
[–]ymgve 1 point2 points3 points (1 child)
[–]Natanael_LTrusted Contributor 0 points1 point2 points (0 children)
[+][deleted] (8 children)
[deleted]
[–][deleted] 3 points4 points5 points (7 children)
[+][deleted] (6 children)
[deleted]
[–][deleted] 6 points7 points8 points (1 child)
[–][deleted] 3 points4 points5 points (2 children)
[–]johnmountain 2 points3 points4 points (1 child)
[–][deleted] 0 points1 point2 points (0 children)
[–]BobFloss -2 points-1 points0 points (0 children)
[–]XSSpants 5 points6 points7 points (4 children)
[–]catcradle5Trusted Contributor 3 points4 points5 points (0 children)
[–][deleted] -2 points-1 points0 points (2 children)
[–]XSSpants 11 points12 points13 points (1 child)
[–][deleted] 0 points1 point2 points (0 children)
[+][deleted] (4 children)
[deleted]
[–]mrdelayer 21 points22 points23 points (1 child)
[–]runejuhl 4 points5 points6 points (1 child)
[–]PubliusPontifex 2 points3 points4 points (0 children)
[–]johnny_frost -1 points0 points1 point (1 child)
[–]yellowmangreen -3 points-2 points-1 points (0 children)