Tag: c&c

  • VB2015 video: TurlaSat: The Fault in our Stars

    Kurt Baumgartner talks about Turla’s extraplanetary activities. Despite the hype around the subject, the tools used by most so-called APT groups are surprisingly mundane. But there are exceptions. In September 2015, researchers at Kaspersky Lab published research on the Turla APT group (also known as Uroburos or Snake), which hijacked satellite Internet links for command…

  • Vawtrak uses Tor2Web to connect to Tor hidden C&C servers

    Option hides the servers, without having to include a Tor client in the malware. The authors of the Vawtrak trojan (also known as Neverquest) have moved some of its C&C servers to Tor hidden services and made the malware use Tor2Web to connect to them, Fortinet researcher Raul Alvarez writes. The use of hidden…

  • New IcoScript variant uses Gmail drafts for C&C communication

    Switch likely to make modular malware even stealthier. Researchers at Shape Security have found a new variant of the IcoScript RAT that makes use of draft emails stored in Gmail, Wired writes. This summer, we published a paper by G Data researcher Paul Rascagnères, who had discovered the malware, which was most notable…

  • VB2014 paper: Hiding the network behind the network. Botnet proxy business model

    Cristina Vatamanu and her colleagues describe how botherders keep their C&C servers hidden. Over the next few months, we will be sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added ‘Hiding the network behind the network. Botnet proxy business model’ by Bitdefender researchers Alexandru Maximciuc, Razvan Benchea and…