VB Migration

Tag: icoscript

  • New IcoScript variant uses Gmail drafts for C&C communication

    Switch likely to make modular malware even stealthier. Researchers at Shape Security have found a new variant of the IcoScript RAT that makes use of draft emails stored in Gmail , Wired writes . This summer, we published a paper by G Data researcher Paul Rascagnères, who had discovered the malware, which was most notable…

  • Paper: IcoScript: using webmail to control malware

    RAT gets instructions from Yahoo Mail address. One of the big challenges for malicious actors in operating a RAT (remote administration tool) is how to control the malware and retrieve data gathered from the infected machine. Listening on a certain port, or regularly connecting to a remote server, is behaviour that is likely to be…