SpiderLabs. The main breakthrough was when he downloaded and ran the malware in a safe environment. This allowed him to track the rogue program connecting to an FTP server. He spied on the net traffic to discover the username and password the malware used to FTP things up to the owner's server.
That is when the real ownage began. He was able to log into the FTP server and search around. Further tracking involved finding out the license used for a commercial keylogging app, and tying that back to a real person's name. Oh, this is so cool. This just goes to show you that when you have the right skills, you can figure all kinds of things out.
I am just curious why the guy did not play any tricks on the keylogger. If you got access to their site, you could reverse the roles and hijack the script kiddies.