Tag: botnet

  • Mostly blocked, but still good enough: Necurs sending pump-and-dump spam

    Over the past few days, the Necurs spam botnet has increased its activity, sending large amounts of pump-and-dump spam, in which a cheap stock is pushed with the aim of making a profit for those behind the campaign. The Dynamoo blog lists examples of the various emails sent, while Cisco’s Talos group provides some…

  • Conference review: Botconf 2016

    This review was written by Martijn Grooten, Adrian Luca and Ionuț Răileanu. Though still only in its fourth year, Botconf has become one of the Virus Bulletin team’s favourite conferences. Late in November, three of the VB team flew to Lyon to attend this year’s three-day event. As its name suggests, Botconf is aimed at…

  • More on the Moose botnet at Botconf

    This week, several members of the Virus Bulletin team are attending Botconf 2016 in Lyon, France. Security conferences provide good opportunities to meet fellow researchers and to learn about new trends and developments, but it is also interesting to see a continuation of previously presented research. At this year’s Botconf, GoSecure researchers Masarah Paquet-Clouston and Olivier Bilodeau presented their research on…

  • Paper: a timeline of mobile botnets

    Ruchna Nigam provides an overview of more than 60 mobile malware families. The rise of mobile malware is still a relatively recent thing, with the first actual mobile botnets not appearing until the beginning of this decade. However, since then things have changed quickly, and today there are more than one million known mobile malware…

  • VB2014 paper: Caphaw – the advanced persistent pluginer

    Micky Pun and Neo Tan analyse the banking trojan that is best known for spreading through Skype. Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added ‘Caphaw – the advanced persistent pluginer’ by Fortinet…

  • Coordinated action takes down Ramnit botnet infrastructure

    Malware remains present on infected machines; 2012 Virus Bulletin paper worth studying. A coordinated action from Anubisnetworks, Microsoft and Symantec, together with Europol, has done serious damage to the infrastructure behind the ‘Ramnit’ botnet. Ramnit is one of those botnets that lurk in the background of the Internet. Its infections mainly occur in…

  • VB2014 paper: Hiding the network behind the network. Botnet proxy business model

    Cristina Vatamanu and her colleagues describe how botherders keep their C&C servers hidden. Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added ‘Hiding the network behind the network. Botnet proxy business model’ by Bitdefender researchers Alexandru Maximciuc, Razvan Benchea and…

  • Paper: Prosecting the Citadel botnet – revealing the dominance of the Zeus descendent: part two

    Aditya K. Sood and Rohit Bansal study the malware’s behaviour when run on a physical machine. Last week, we published the first part of the paper ‘Prosecting the Citadel botnet – revealing the dominance of the Zeus descendent’. In it, researchers Aditya K. Sood and Rohit Bansal looked at the design and implementation of the…