Tag: ids

Paper: IcoScript: using webmail to control malware

RAT gets instructions from Yahoo Mail address. One of the big challenges for malicious actors in operating a RAT (remote administration tool) is how to control the malware and retrieve data gathered from the infected machine. Listening on a certain port, or regularly connecting to a remote server, is behaviour that is likely to be…

August 4, 2014

Paper: IcoScript: using webmail to control malware