Botnets | DataProtectionCenter.com

?RunForestRun?, ?gootkit? and random domain name generation

01

Aug

2012

Recently, we came across web malware that – instead of injecting an iframe pointing to a fixed existing address – generates a pseudo-random domain name, depending on the current date. This approach is not new and is widely used by botnets in C&C domain name generation, yet it’s not very common for the web malware we?ve seen […]

Category General Written by Securelist / Blog 0 Comments

July 2012 virus activity review: the summer lull and a new threat to Mac OS

01

Aug

2012

July 2012 saw an increased number of system infections by blocker Trojans; at the same time, because one of the largest BackDoor.Blackenergy botnets was brought down, spam traffic declined significantly. At the end of the month, Doctor Web discovered a cross-platform Trojan, dubbed BackDoor.DaVinci.1, targeting both Microsoft Windows and Mac OS X. It should be […]

Category General Written by Virus alerts 0 Comments

Rovnix.D: the code injection story

27

Jul

2012

ESET – In the one of my previous blog posts I described the bootkit functionality included in modifications found in new Rovnix.D samples (Rovnix bootkit framework updated), but further detailed analysis uncovered some interesting updates to the code injection technique employed. During the Rovnix.D code analysis process we found algorithms for multiple code injections with […]

Category General Written by ESET ThreatBlog 0 Comments

The Latest in IT Security

Posts Tagged ‘Botnets’

?RunForestRun?, ?gootkit? and random domain name generation

July 2012 virus activity review: the summer lull and a new threat to Mac OS

Rovnix.D: the code injection story

Categories

Featured

Archives

Latest Comments

About Us

Contact Us