The Latest in IT Security

BKDR_POISON: More Challenges Ahead

03
Feb
2012

Last year, the security industry was plagued by a series of APT reports, which included the “Nitro Attack”. The backdoor used here is known as PoisonIvy or BKDR_POISON. Its builder is available online. Security vendors have then taken measures to counter this threat to help customers battle against similar infections in the future. However, a recent discovery of the downloader’s stealth mechanism proved that the fight is not yet over.

We thought that there was nothing much to see when we looked at the downloader’s sample at first glance. It’s a VB-compiled executable file which does nothing but perform an HTTP GET request to an HTML page.

When accessed using via a browser it looks like a harmless web page until you decode it.

Related posts:
  1. Siemens warns of challenges ahead for energy business
  2. Sleek New US Drone Flies Over Area 51
  3. Highlights from VB 2011 Barcelona
  4. Mark Zuckerberg pours ice-cold water on himself, challenges Bill Gates to do the same
  5. Mark Zuckerberg pours ice-cold water on himself, challenges Bill Gates to do the same

Tags:  
Written by TrendLabs
0 Comments

Leave a reply


Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments