Recently, we blogged about the file-infector virus known as W32.Virut and the botnet’s return to distributing new payloads. In the blog, we estimated that the Virut botnet currently consists of 308,000 unique Virut clients active in a single day. It was also noted that Virut had been observed distributing payloads with the functionality to send out […]
In the past, we have written about the file infector known as W32.Virut. We have even provided insight into trying to shut the botnet down. Due to a recent judicial proceeding causing a temporary outage of the Virut command-and-control (C&C) server domains, we were able to gather information on the size and demographics of the […]
In our joint analysis of a W32.Flamer command-and-control (C&C) server, as documented here, we described several C&C server protocols present in code on the server. One of those protocols we knew was associated with W32.Flamer. The other remaining protocol had not previously been observed in the wild and no samples were retrieved which used those […]
Latest Comments