Difference between revisions of "Battling the Rustock threat"
Jump to navigation
Jump to search
m (1 revision imported) |
m (Text replacement - " go.microsoft.com" to "") |
||
| Line 3: | Line 3: | ||
|Image=Battling the Rustock Threat English P9.png | |Image=Battling the Rustock Threat English P9.png | ||
|Document=Battling the Rustock Threat_English.pdf | |Document=Battling the Rustock Threat_English.pdf | ||
|Link=http://go.microsoft.com/?linkid=9777259 | |Link=http://go.microsoft.com/?linkid=9777259 | ||
|Author=David Anselmi, Richard Boscovich, T.J. Campana, Samantha Doerr, Marc Lauricella, Oleg Petrovsky, Tareq Saade, Holly Stewart | |Author=David Anselmi, Richard Boscovich, T.J. Campana, Samantha Doerr, Marc Lauricella, Oleg Petrovsky, Tareq Saade, Holly Stewart | ||
|NomRevue=Microsoft Security Intelligence Report | |NomRevue=Microsoft Security Intelligence Report | ||
Latest revision as of 22:22, 5 August 2015
(Publication) Google search: [1]
| Battling the Rustock threat | |
|---|---|
| |
| Botnet | Rustock |
| Malware | Rustock, Kelihos, Renos, Winwebsec, Stasky, Bubnix, Meredrop, Bubnix |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2011 / Special Edition"Special Edition" contains an extrinsic dash or other characters that are invalid for a date interpretation. |
| Editor/Conference | Microsoft |
| Link | http://go.microsoft.com/?linkid=9777259 (Archive copy) |
| Author | David Anselmi, Richard Boscovich, T.J. Campana, Samantha Doerr, Marc Lauricella, Oleg Petrovsky, Tareq Saade, Holly Stewart |
| Type | |
Abstract
“ This document provides an overview of the Win32/Rustock family of rootkit-enabled backdoor trojans. The document examines the background of Win32/Rustock, its functionality, how it works, and provides threat telemetry data and analysis from calendar year 2010 through May 2011. In addition, this document details the legal and technical action used to takedown the Rustock botnet and how to detect and remove the threat using Microsoft antimalware products.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2011BFR818,
editor = {Microsoft},
author = {David Anselmi, Richard Boscovich, T.J. Campana, Samantha Doerr, Marc Lauricella, Oleg Petrovsky, Tareq Saade, Holly Stewart},
title = {Battling the Rustock threat},
date = {Error: Invalid time.},
month = Error: Invalid time.,
year = {2011},
howpublished = {\url{http://go.microsoft.com/?linkid=9777259}},
}