summer-bug

A BazarLoader DGA that Breaks Down in the Summer

August 9, 2021 Domain generation algorithms are relatively straightforward to program and usually bug free. Not so the new DGA of BazarLoader, which goes haywire during the summer months.

link post 'A BazarLoader DGA that Breaks Down in the Summer'
bazaar3

Yet Another Bazar Loader DGA

January 23, 2021 Bazar Loader decided to change its perfectly fine domain generation algorithm (DGA) once again. The change in the algorithm is very minor, but it yields more domain names.

link post 'Yet Another Bazar Loader DGA'
bazar2

Next Version of the Bazar Loader DGA

December 16, 2020 This blog post shows yet another domain generation algorithm of Bazar Loader. Although it still uses exclusively the .bazar top level domain and similar seeding, the algorithm itself is completely new.

link post 'Next Version of the Bazar Loader DGA'
bazarglitch

The Defective Domain Generation Algorithm of BazarLoader

July 15, 2020 This blog post is about the faulty domain generation algorithm found in some BazarLoader samples. The DGA not only uses an invalid tld, it also occasionally generates invalid characters for the second level domain.

link post 'The Defective Domain Generation Algorithm of BazarLoader'
see all blog posts