Difference between revisions of "Malware analysis of the Lurk downloader"
m (1 revision imported) |
|||
Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
| | |Botnet=Lurk, KINS | ||
| | |Year=2014 | ||
|Date=2014-08-07 | |Date=2014-08-07 | ||
|Editor=DELL SecureWorks | |Editor=DELL SecureWorks | ||
| | |Link=http://www.secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/ | ||
| | |Author=Brett Stone-Gross | ||
|Type=Blogpost | |||
|Abstract=Lurk is a malware downloader that uses digital steganography: the art of hiding secret information within a digital format, such as an image, audio, or video file. Lurk specifically uses an algorithm that can embed encrypted URLs into an image file by inconspicuously manipulating individual pixels. The resulting image contains additional data that is virtually invisible to an observer. Lurk's primary purpose is to download and execute secondary malware payloads. In particular, the Dell SecureWorks Counter Threat Unit™ (CTU) research team has observed Lurk dropping malware used to commit click fraud. | |Abstract=Lurk is a malware downloader that uses digital steganography: the art of hiding secret information within a digital format, such as an image, audio, or video file. Lurk specifically uses an algorithm that can embed encrypted URLs into an image file by inconspicuously manipulating individual pixels. The resulting image contains additional data that is virtually invisible to an observer. Lurk's primary purpose is to download and execute secondary malware payloads. In particular, the Dell SecureWorks Counter Threat Unit™ (CTU) research team has observed Lurk dropping malware used to commit click fraud. | ||
|NomRevue=DELL SecureWorks Threat Analyses | |||
|Keyword=Steganography | |Keyword=Steganography | ||
}} | }} |
Latest revision as of 10:30, 7 July 2015
Malware analysis of the Lurk downloader | |
---|---|
Botnet | Lurk, KINS |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2014 / 2014-08-07 |
Editor/Conference | DELL SecureWorks |
Link | http://www.secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/ (Archive copy) |
Author | Brett Stone-Gross |
Type | Blogpost |
Abstract
“Lurk is a malware downloader that uses digital steganography: the art of hiding secret information within a digital format, such as an image, audio, or video file. Lurk specifically uses an algorithm that can embed encrypted URLs into an image file by inconspicuously manipulating individual pixels. The resulting image contains additional data that is virtually invisible to an observer. Lurk's primary purpose is to download and execute secondary malware payloads. In particular, the Dell SecureWorks Counter Threat Unit™ (CTU) research team has observed Lurk dropping malware used to commit click fraud.”
Bibtex
@misc{2014BFR1394,
  editor = {DELL SecureWorks},
  author = {Brett Stone-Gross},
  title = {Malware analysis of the Lurk downloader},
  date = {07},
  month = Aug,
  year = {2014},
  howpublished = {\url{http://www.secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/}},
}