persistence | DataProtectionCenter.com

The Russian Mastermind Behind Backdoor.Proxybox

08

Oct

2012

For the past three months we have been investigating a Russian attacker serving malware to hundreds of thousands of users per year. The malware is Backdoor.Proxybox, and our investigation has revealed an entire black hat operation, giving us interesting information on the operation and size of this botnet, and leading us to information that may […]

Category General Written by Symantec Security Response Blog 0 Comments

Backdoor.Proxybox: Kernel File System Hooking

14

Aug

2012

A low level file system driver was bundled with the latest version of Backdoor.Proxybox named “rxsupply”. The malicious driver was designed to deny access to the files used by the malware in order to improve persistence on compromised computers. The driver functionality and methods used for hooking kernel file system access are described below. Figure 1. […]

Category General Written by Symantec Security Response Blog 0 Comments

DDoS Attacks: The Zemra Bot

27

Jun

2012

Symantec has become aware of a new Distributed Denial of Service (DDoS) crimeware bot known as “Zemra” and detected by Symantec as Backdoor.Zemra. Lately, this threat has been observed performing denial-of-service attacks against organizations with the purpose of extortion. Zemra first appeared on underground forums in May 2012 at a cost of ?100.Figure 1. Zemra […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘persistence’

The Russian Mastermind Behind Backdoor.Proxybox

Backdoor.Proxybox: Kernel File System Hooking

DDoS Attacks: The Zemra Bot

Categories

Featured

Archives

Latest Comments

About Us

Contact Us