IcoScript: using webmail to control malware

From Botnets.fr
Revision as of 14:07, 18 July 2015 by Eric.freyssinet (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Google search: [1]

IcoScript: using webmail to control malware
Botnet IcoScript
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2014 / 2014-08-05
Editor/Conference Virus Bulletin
Link https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript (Archive copy)
Author Paul Rascagnères
Type White paper

Abstract

Win32.Trojan.IcoScript.A is a classic remote administration tool, but it has a particular way of communicating with its control server. It is very modular and it abuses popular web platforms (such as Yahoo and Gmail) for command and control communication. Paul Rascagneres discusses the unusual techniques used by the trojan.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1397,
   editor = {Virus Bulletin},
   author = {Paul Rascagnères},
   title = {IcoScript: using webmail to control malware},
   date = {05},
   month = Aug,
   year = {2014},
   howpublished = {\url{https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript}},
 }

Retrieved from "https://www.botnets.fr/index.php?title=IcoScript:_using_webmail_to_control_malware&oldid=3718"