IcoScript: using webmail to control malware

From Botnets.fr
Revision as of 15:30, 7 February 2015 by Eric.freyssinet (talk | contribs) (1 revision imported)
Jump to navigation Jump to search

(Publication) Google search: [1]

IcoScript: using webmail to control malware
Botnet IcoScript
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2014 / 2014-08-05
Editor/Conference Virus Bulletin
Link https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript www.virusbtn.com (www.virusbtn.com Archive copy)
Author Paul Rascagnères
Type White paper

Abstract

Win32.Trojan.IcoScript.A is a classic remote administration tool, but it has a particular way of communicating with its control server. It is very modular and it abuses popular web platforms (such as Yahoo and Gmail) for command and control communication. Paul Rascagneres discusses the unusual techniques used by the trojan.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1397,
   editor = {Virus Bulletin},
   author = {Paul Rascagnères},
   title = {IcoScript: using webmail to control malware},
   date = {05},
   month = Aug,
   year = {2014},
   howpublished = {\url{https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript www.virusbtn.com}},
 }

Retrieved from "https://www.botnets.fr/index.php?title=IcoScript:_using_webmail_to_control_malware&oldid=3010"