communication protocol | DataProtectionCenter.com

Win32/Duqu analysis: the RPC edition

29

Oct

2011

My Russian colleagues Aleksandr Matrosov and Eugene Rodionov have found some time to do some more analysis on Win32/Duqu. (Don’t you guys sleep?) In the previous post (http://blog.eset.com/2011/10/25/win32duqu-it%e2%80%99s-a-date) they concentrated on analyzing the Duqu configuration file format and extracting the exact date on which the system was infected. This time they investigated Duqu’s RPC (Remote […]

Category General Written by ESET ThreatBlog 0 Comments

Botnet Shutdown Success Story: How Kaspersky Lab Disabled the Hlux/Kelihos Botnet

29

Sep

2011

Earlier this week, Microsoft released an announcement about the disruption of a dangerous botnet that was responsible for spam messages, theft of sensitive financial information, pump-and-dump stock scams and distributed denial-of-service attacks. Kaspersky Lab played a critical role in this botnet takedown initiative, leading the way to reverse-engineer the bot malware, crack the communication protocol […]

Category General Written by Securelist / Blog 0 Comments

W32.Virut: Using Cryptography to Prevent Domain Hijacking

24

Aug

2011

W32.Virut is a Windows file infector that’s been around since 2006. It usually makes the top 10 in threat charts and therefore deserves regular scrutiny. Analysis of recent variants show that changes were made to strengthen the communication protocol between the bots and the command and control server to prevent blacklisting, sinkholing, and hijacking of […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘communication protocol’

Win32/Duqu analysis: the RPC edition

Botnet Shutdown Success Story: How Kaspersky Lab Disabled the Hlux/Kelihos Botnet

W32.Virut: Using Cryptography to Prevent Domain Hijacking

Categories

Featured

Archives

Latest Comments

About Us

Contact Us