VB Migration

Tag: kelihos

  • VB2017 paper: Peering into spam botnets

    Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt’s VB2017 talk on Trickbot being just one of many examples – few researchers study the botnets used to send the emails. Bucking that trend are CERT…

  • VB2017 paper: Peering into spam botnets

    Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt’s VB2017 talk on Trickbot being just one of many examples – few researchers study the botnets used to send the emails. Bucking that trend are CERT…

  • Kelihos checks machines’ IP addresses against DNS blacklists

    Role of node in a botnet dependent on whether the IP address is blacklisted. Whenever I look at the results of the VBSpam tests, it always amazes me how large a percentage of spam is blocked because the sending IP address appears on a DNS blacklist. It is not that I wouldn’t expect those that…