Tag: botnet
-
Necurs pump-and-dump spam campaign pushes obscure cryptocurrency
Cryptocurrencies have attracted the attention of cybercriminals for many years: as a relatively anonymous payment channel, as a target of their digital theft, and as a way to turn (temporarily) compromised systems into money-generating machines. Given the recent increases in the value of many such cryptocurrencies, it is not surprising to see them being promoted…
-
Spamhaus report shows many botnet controllers look a lot like legitimate servers
Of all the annual security reports and blog posts that look back at the previous year, that of Spamhaus is one I particularly look forward to, as it always comes with good and interesting data. Though The Spamhaus Project is probably best known for its blacklists that are widely used for filtering spam, its researchers…
-
Spamhaus report shows many botnet controllers look a lot like legitimate servers
Of all the annual security reports and blog posts that look back at the previous year, that of Spamhaus is one I particularly look forward to, as it always comes with good and interesting data. Though The Spamhaus Project is probably best known for its blacklists that are widely used for filtering spam, its researchers…
-
Conference review: Botconf 2017
Since its first edition in 2013 , the Virus Bulletin team have been big fans of Botconf , the botnet fighting conference held every year in France. This year, Virus Bulletin sent team members Adrian Luca and Ionuț Răileanu to the event, which took place in the Mediterranean city of Montpellier. There appears to have been…
-
Conference review: Botconf 2017
Since its first edition in 2013 , the Virus Bulletin team have been big fans of Botconf , the botnet fighting conference held every year in France. This year, Virus Bulletin sent team members Adrian Luca and Ionuț Răileanu to the event, which took place in the Mediterranean city of Montpellier. There appears to have been…
-
Vulnerability disclosure and botnet takedown not to be hindered by Wassenaar Arrangement
I have never been too keen on making comparisons between (advanced) cyber attacks and conventional war, as such comparisons tend to ignore the enormous human cost that comes with wars. That said, digital weapons do play an important role in global conflicts, military or otherwise, and thus it makes sense for them to be covered…
-
Vulnerability disclosure and botnet takedown not to be hindered by Wassenaar Arrangement
I have never been too keen on making comparisons between (advanced) cyber attacks and conventional war, as such comparisons tend to ignore the enormous human cost that comes with wars. That said, digital weapons do play an important role in global conflicts, military or otherwise, and thus it makes sense for them to be covered…
-
VB2017 paper: Peering into spam botnets
Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt’s VB2017 talk on Trickbot being just one of many examples – few researchers study the botnets used to send the emails. Bucking that trend are CERT…
-
VB2017 paper: Peering into spam botnets
Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt’s VB2017 talk on Trickbot being just one of many examples – few researchers study the botnets used to send the emails. Bucking that trend are CERT…
-
VB2017 paper: Beyond lexical and PDNS: using signals on graphs to uncover online threats at scale
Malicious Internet traffic, such as botnet C&C traffic, is easily recognized if it uses known bad domain names, or known bad IP addresses. This is why botnets constantly change the domain names, and often also the IP addresses they use, thus trying to stay one step ahead of the defenders. Enter big data: infected devices…