Difference between revisions of "Nepalese government websites compromised to serve Zegost RAT"
Jump to navigation
Jump to search
(Page créée avec « {{Publication |Image= |Legend= |Document= |Licence= |Video= |Link=http://community.websense.com/blogs/securitylabs/archive/2012/08/08/nepalese-government-websites-compro... ») |
m (Text replacement - " août " to " aug") |
||
| (One intermediate revision by the same user not shown) | |||
| Line 8: | Line 8: | ||
|Author=Gianluca Giuliani, Elad Sharf, | |Author=Gianluca Giuliani, Elad Sharf, | ||
|NomRevue=Security Labs Blog | |NomRevue=Security Labs Blog | ||
|Date=08 | |Date=08 aug2012 | ||
|Editor=Websense | |Editor=Websense | ||
|Year=2012 | |Year=2012 | ||
Latest revision as of 21:31, 5 August 2015
(Publication) Google search: [1]
| Nepalese government websites compromised to serve Zegost RAT | |
|---|---|
| Botnet | Zegost |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 08 aug2012 |
| Editor/Conference | Websense |
| Link | http://community.websense.com/blogs/securitylabs/archive/2012/08/08/nepalese-government-websites-compromised-to-serve-zegost-backdoor.aspx community.websense.com (community.websense.com Archive copy) |
| Author | Gianluca Giuliani, Elad Sharf |
| Type | |
Abstract
“ The Websense® ThreatSeeker® Network has detected that two Nepalese government websites, the National Information Technology Center (NITC) and the Office of the Prime Minister and Council Minister (nitc.gov.np and opmcm.gov.np respectively), have been compromised and injected with malicious code that tries to exploit the Java vulnerability CVE-2012-0507. The aim of this injection is to install, through successfully exploiting that Java weakness, a backdoor that is also dubbed "Zegost" on the systems of visitors to these websites.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1109,
editor = {Websense},
author = {Gianluca Giuliani, Elad Sharf},
title = {Nepalese government websites compromised to serve Zegost RAT},
date = {08},
month = Aug,
year = {2012},
howpublished = {\url{http://community.websense.com/blogs/securitylabs/archive/2012/08/08/nepalese-government-websites-compromised-to-serve-zegost-backdoor.aspx community.websense.com}},
}