VB Migration

Tag: rat

  • VB2018 paper: Little Brother is watching – we know all your secrets!

    The use of mobile spyware to spy on (ex-)partners is an underreported problem, despite the prevalence of such apps and their use in cases of domestic violence. At VB2017 in Madrid, security journalist Joseph Cox spoke about this problem. Closely linked to these apps are ‘mutual-awareness tracking apps’, which allow people to track the location…

  • VB2018 paper: Little Brother is watching – we know all your secrets!

    The use of mobile spyware to spy on (ex-)partners is an underreported problem, despite the prevalence of such apps and their use in cases of domestic violence. At VB2017 in Madrid, security journalist Joseph Cox spoke about this problem. Closely linked to these apps are ‘mutual-awareness tracking apps’, which allow people to track the location…

  • New paper: Botception: botnet distributes script with bot capabilities

    The Necurs botnet has been active for some time. In 2014, Virus Bulletin published a 3-part article by Peter Ferrie ( 1 , 2 , 3 ) who had studied the botnet in great detail. And although, as is typical for botnets, Necurs’ activities can be somewhat volatile, it has been used for some notorious…

  • New paper: Botception: botnet distributes script with bot capabilities

    The Necurs botnet has been active for some time. In 2014, Virus Bulletin published a 3-part article by Peter Ferrie ( 1 , 2 , 3 ) who had studied the botnet in great detail. And although, as is typical for botnets, Necurs’ activities can be somewhat volatile, it has been used for some notorious…

  • Necurs update reminds us that the botnet cannot be ignored

    If, at some point in the past few years, you have looked at a spam campaign in which a lot of emails were being sent from Vietnam or India, there’s a good chance the spam was sent by the Necurs botnet. Necurs has been active for at least six years – Virus Bulletin published a…

  • Necurs update reminds us that the botnet cannot be ignored

    If, at some point in the past few years, you have looked at a spam campaign in which a lot of emails were being sent from Vietnam or India, there’s a good chance the spam was sent by the Necurs botnet. Necurs has been active for at least six years – Virus Bulletin published a…

  • GravityRAT malware takes your system’s temperature

    Cisco Talos researchers Warren Mercer and Paul Rascagnères recently discovered and analysed ‘GravityRAT’, an advanced Remote Access Trojan (RAT) that appears to have been used in targeted attacks against organizations in India. Analysis of this piece of malware gives an interesting insight into the current state of malware development. The malware is delivered through a…

  • GravityRAT malware takes your system’s temperature

    Cisco Talos researchers Warren Mercer and Paul Rascagnères recently discovered and analysed ‘GravityRAT’, an advanced Remote Access Trojan (RAT) that appears to have been used in targeted attacks against organizations in India. Analysis of this piece of malware gives an interesting insight into the current state of malware development. The malware is delivered through a…

  • Paper: IcoScript: using webmail to control malware

    RAT gets instructions from Yahoo Mail address. One of the big challenges for malicious actors in operating a RAT (remote administration tool) is how to control the malware and retrieve data gathered from the infected machine. Listening on a certain port, or regularly connecting to a remote server, is behaviour that is likely to be…

  • ‘Son of Stuxnet’ trojan found

    ‘Duqu’ used in targeted attacks to steal specific information. Researchers at both Symantec and McAfee have discovered a new Remote Access Trojan (RAT) with strong links to Stuxnet being used in some highly targeted attacks. The trojan, which has been named ‘Duqu’ after the files with prefix ~DQ it creates, shares source code with Stuxnet…