(Note: This blog was written on September 2. We decided to postpone publishing it due to an ongoing joint effort to shut down servers and block domain names. The variant studied is not the latest but accurately reflects the functionalities of the threat.) Trojan.Bamital appeared in the summer of 2010. The threat really became prevalent […]
At the beginning of this month, my colleague Robert Lipovsky posted an article on a new threat called Win32/Delf.QCZ, also known as Trojan.Badlib or Trojan.Win32.Miner.h. This threat caught the attention of others and additional information has since been added by fellow researchers on the blogs of Kaspersky and Symantec as well as on the H-Online […]
Identifying a botnet is not an easy task sometimes, especially when one gets lost in different components like droppers, infectors and other bad stuff. Some two weeks ago, Jose Nazario from Arbor Networks pointed me to a new varmint that appears to be another peer-to-peer bot. When executed, the program installs tons of stuff that […]
Latest Comments