Tag: stealrat

Malware spoofing HTTP Host header to hide C&C communication

Traffic appears as requests to Google or Yandex. There have been several recent examples of malware using a spoofed HTTP Host header to hide communucation with its control servers. When a web browser sends an HTTP request to a web server, it includes a Host header, containing the host of the site that is requested.…

September 4, 2013

Malware spoofing HTTP Host header to hide C&C communication