An analysis of the cross-platform backdoor NetWeirdRC

From Botnets.fr

Botnet: NetWeirdRC
Date: 2012 / 22 Aug 2012
Editor/Conference: Intego
Link: http://www.intego.com/mac-security-blog/an-analysis-of-the-cross-platform-backdoor-netweirdrc/
Author: Lysa Myers

Abstract

A backdoor called OSX/NetWeirdRC has been found that affects OS X (versions 10.6 and higher), Windows, Linux and Solaris. Much like OSX/Crisis, this is a commercial remote access tool that was leaked to VirusTotal. This malware appears to be in the wild, but the risk is considered low at this time. It is not known how the malware would arrive, though presumably it would be part of a targeted attack and it would come with a custom dropper or entice the user to run a file through social engineering.

Bibtex

 @misc{2012BFR1124,
   editor = {Intego},
   author = {Lysa Myers},
   title = {An analysis of the cross-platform backdoor NetWeirdRC},
   date = {22},
   month = Aug,
   year = {2012},
   howpublished = {\url{http://www.intego.com/mac-security-blog/an-analysis-of-the-cross-platform-backdoor-netweirdrc/}},
 }