Posts Tagged ‘running processes’

Tracking a botnet infection

Jul

2013

Recently we found several malicious executables with similar characteristics. These files were found on the following six domains: janashfordplumbing.com kalliskallis.com lowes-pianos-and-organs.com continental1.com foreigntire.com gjhimages.com The URLs used, adhered to the following two formats: http://www.[domain].com/awstats6_data/[a-f0-9]{10}/?f=sm_main.mp3&k=[0-9]{15} http://www.[domain].com/images/[folder]/[folder]/[a-f0-9]{10}/?f=sm_main.mp3&k=[0-9]{15} These six domains are otherwise legitimate sites that have been compromised and used to serve malicious content. While I didn’t […]

Category Security Written by Zscaler Research 0 Comments

Travnet Botnet Controls Victims With Remote Admin Tool

May

2013

The malicious binary behind the Travnet botnet has been updated. The new code has a new compression algorithm, steals the list of running processes, adds new file extensions to its list of files to steal, and has improved its control commands. Also, after the malware has uploaded the stolen files on its remote server, the […]

Category General Written by Blog Central > McAfee Labs 0 Comments

Dangerous Trojan substitutes web pages

May

2013

Specialists from the Russian anti-virus company Doctor Web have studied one of the most widespread threats in April 2013, the Trojan Trojan.Mods.1, formerly known as Trojan.Redirect.140. According to statistics compiled by the curing utility Dr.Web CureIt!, the number of infections with this Trojan represent 3.07% of the total number of detected threats. A summary of […]

Category General Written by Virus alerts 0 Comments

The Latest in IT Security

Posts Tagged ‘running processes’

Tracking a botnet infection

Dangerous Trojan substitutes web pages

Categories

Featured

Archives

Latest Comments

About Us

Contact Us