Monkif botnet hides commands in JPEGs

From Botnets.fr
Revision as of 16:27, 7 February 2015 by Eric.freyssinet (talk | contribs) (1 revision imported)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Google search: [1]

Monkif botnet hides commands in JPEGs
Monkif Botnet hides commands in JPEGs.png
Botnet Monkif
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 05 juillet 2012
Editor/Conference McAfee Labs
Link http://blogs.mcafee.com/mcafee-labs/monkif-botnet-hides-commands-in-jpegs blogs.mcafee.com (blogs.mcafee.com Archive copy)
Author Vikas Taneja
Type

Abstract

As we see new threats arrive daily employing unique and complex capabilities, it is surprising to find a Swedish bot using a control server that was active in 2009. Generally malware authors keep changing their control servers–especially after reports about them surface–but not in this case. This network belongs to prq.se, which hosts at IP address 88.80.7.152 and is an Internet service provider.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1065,
   editor = {McAfee Labs},
   author = {Vikas Taneja},
   title = {Monkif botnet hides commands in JPEGs},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2012},
   howpublished = {\url{http://blogs.mcafee.com/mcafee-labs/monkif-botnet-hides-commands-in-jpegs blogs.mcafee.com}},
 }

Retrieved from "https://www.botnets.fr/index.php?title=Monkif_botnet_hides_commands_in_JPEGs&oldid=2332"