Tag: kelihos
-
VB2017 paper: Peering into spam botnets
Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt’s VB2017 talk on Trickbot being just one of many examples – few researchers study the botnets used to send the emails. Bucking that trend are CERT…
-
VB2017 paper: Peering into spam botnets
Spam continues to be an important infection vector for many malware campaigns, but while a lot of attention is paid to the payloads delivered by these campaigns – Andrew Brandt’s VB2017 talk on Trickbot being just one of many examples – few researchers study the botnets used to send the emails. Bucking that trend are CERT…
-
Kelihos checks machines’ IP addresses against DNS blacklists
Role of node in a botnet dependent on whether the IP address is blacklisted. Whenever I look at the results of the VBSpam tests, it always amazes me how large a percentage of spam is blocked because the sending IP address appears on a DNS blacklist. It is not that I wouldn’t expect those that…