mbr | DataProtectionCenter.com – Tech and Security

Unencrypted Whistler Variant in the Wild

12

Feb

2013

Antimalware researchers Marius Tivadar and Cristian Istrate are back with a small update from the labs, this time about the Whistler bootkit family.

Category General Written by Bitdefender Labs 0 Comments

Korean gaming malware – served 3 ways

22

Dec

2012

Recently, we’ve seen similar activities being performed by different malware that monitor online Korean applications. Mostly, the applications they monitor are card games, such as those in Figure 1. Figure 1: Examples of online Korean games that are being monitored. (Source: http://www.hangame.com) The following applications are monitored if found running on the system: LASPOKER.EXE […]

Category General Written by Microsoft Malware Protection Center 0 Comments

PE_XPAJ: Persistent File Infector

23

Oct

2012

We’re currently investigating several file infectors that have affected several countries, particularly Australia. Trend Micro detects these as PE_XPAJ.C, PE_XPAJ.C-1, PE_XPAJ.C-2, and PE_XPAJ.C-O.Based on our initial analysis, these PE_XPAJ variants connect to the following C&C servers to send and receive information: {BLOCKED}.{BLOCKED}.162.208:35516 {BLOCKED}.{BLOCKED}.152.218:35516 {BLOCKED}.{BLOCKED}.71.249:35516 {BLOCKED}.{BLOCKED}.60.108:35516 {BLOCKED}.{BLOCKED}.123.153:35516 {BLOCKED}.{BLOCKED}.132.25:35516 {BLOCKED}.{BLOCKED}.16.5:389 {BLOCKED}.{BLOCKED}.0.1:1056 {BLOCKED}.{BLOCKED}.16.9 {BLOCKED}.{BLOCKED}.16.10 {BLOCKED}.{BLOCKED}.183.224:35516 {BLOCKED}.{BLOCKED}.0.1:1070 {BLOCKED}.{BLOCKED}.16.12:389 {BLOCKED}.{BLOCKED}.4.250:80 […]

Category General Written by Security Intelligence 0 Comments

The Latest in IT Security

Posts Tagged ‘mbr’

Unencrypted Whistler Variant in the Wild

PE_XPAJ: Persistent File Infector

Categories

Featured

Archives

Latest Comments

About Us

Contact Us