Difference between revisions of "IcoScript: using webmail to control malware"

From Botnets.fr
Jump to navigation Jump to search
m (1 revision imported)
 
Line 1: Line 1:
{{Publication
{{Publication
|Type=White paper
|Botnet=IcoScript
|Link=https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript www.virusbtn.com
|Year=2014
|Author=Paul Rascagnères
|NomRevue=Virus Bulletin
|Date=2014-08-05
|Date=2014-08-05
|Editor=Virus Bulletin
|Editor=Virus Bulletin
|Year=2014
|Link=https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript
|Botnet=IcoScript
|Author=Paul Rascagnères
|Type=White paper
|Abstract=Win32.Trojan.IcoScript.A is a classic remote administration tool, but it has a particular way of communicating with its control server. It is very modular and it abuses popular web platforms (such as Yahoo and Gmail) for command and control communication. Paul Rascagneres discusses the unusual techniques used by the trojan.
|Abstract=Win32.Trojan.IcoScript.A is a classic remote administration tool, but it has a particular way of communicating with its control server. It is very modular and it abuses popular web platforms (such as Yahoo and Gmail) for command and control communication. Paul Rascagneres discusses the unusual techniques used by the trojan.
|NomRevue=Virus Bulletin
}}
}}

Latest revision as of 14:07, 18 July 2015

(Publication) Google search: [1]

IcoScript: using webmail to control malware
Botnet IcoScript
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2014 / 2014-08-05
Editor/Conference Virus Bulletin
Link https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript (Archive copy)
Author Paul Rascagnères
Type White paper

Abstract

Win32.Trojan.IcoScript.A is a classic remote administration tool, but it has a particular way of communicating with its control server. It is very modular and it abuses popular web platforms (such as Yahoo and Gmail) for command and control communication. Paul Rascagneres discusses the unusual techniques used by the trojan.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1397,
   editor = {Virus Bulletin},
   author = {Paul Rascagnères},
   title = {IcoScript: using webmail to control malware},
   date = {05},
   month = Aug,
   year = {2014},
   howpublished = {\url{https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript}},
 }