Posts Tagged ‘droppers’

The Powerloader 64-bit update based on leaked exploits

Aug

2013

A few months ago on this blog I described PowerLoader functionality including an interesting way for privilege escalation into the explorer.exe system process. The leaked PowerLoader code is also used in other malware families. For example the Win32/Gapz dropper is based on leaked PowerLoader code. In August 2013 we have tracked a new modification of […]

Category General Written by We Live Security 0 Comments

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

May

2013

The story of the mysterious malware detected by ESET as Win32/Rootkit.Avatar began in February 2013 when some adverts for this rootkit leaked from Russian cybercrime forums (http://pastebin.com/maPY7SS8). This information produced some heated discussions in the malware research community, however a sample of the Avatar rootkit was not found and published, until now. In this blog […]

Category General Written by We Live Security 0 Comments

Carberp: the never ending story

Mar

2013

The Carberp cybercrime group was one of the first groups to make massive use of specialist malware designed to target remote banking systems and fraud operations against major Russian banks. Many members of major Carberp groups have already been arrested (All Carberp botnet organizers arrested), but the Carberp malware family is still active and evolving. […]

Category General Written by We Live Security 0 Comments

The Latest in IT Security

Posts Tagged ‘droppers’

The Powerloader 64-bit update based on leaked exploits

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

Carberp: the never ending story

Categories

Featured

Archives

Latest Comments

About Us

Contact Us