Monkif botnet hides commands in JPEGs

From Botnets.fr
Revision as of 17:12, 31 July 2015 by Eric.freyssinet (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

(Publication) Google search: [1]

Monkif botnet hides commands in JPEGs
Monkif Botnet hides commands in JPEGs.png
Botnet Monkif
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 2012-07-05
Editor/Conference McAfee Labs
Link http://blogs.mcafee.com/mcafee-labs/monkif-botnet-hides-commands-in-jpegs (Archive copy)
Author Vikas Taneja
Type Blogpost

Abstract

As we see new threats arrive daily employing unique and complex capabilities, it is surprising to find a Swedish bot using a control server that was active in 2009. Generally malware authors keep changing their control servers–especially after reports about them surface–but not in this case. This network belongs to prq.se, which hosts at IP address 88.80.7.152 and is an Internet service provider.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1065,
   editor = {McAfee Labs},
   author = {Vikas Taneja},
   title = {Monkif botnet hides commands in JPEGs},
   date = {05},
   month = Jul,
   year = {2012},
   howpublished = {\url{http://blogs.mcafee.com/mcafee-labs/monkif-botnet-hides-commands-in-jpegs}},
 }