Difference between revisions of "New Mahdi updates, new C2 server"
Jump to navigation
Jump to search
m (1 revision imported) |
m (Text replacement - " août " to " aug") |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
|Link=http://blog.seculert.com/2012/08/new-mahdi-updates.html | |Botnet=Mahdi | ||
|Year=2012 | |||
|Date=29 aug2012 | |||
|Editor=Seculert | |||
|Link=http://blog.seculert.com/2012/08/new-mahdi-updates.html | |||
|Author=Seculert | |Author=Seculert | ||
|Abstract=As part of our joint research with Kaspersky Labs, we identified different variants, with different versions of the malware, communicating with four additional servers all located in Canada. While most of the variants communicated with these four servers, a new variant was recently found that communicated with a fifth C&C server located in Canada as well. | |||
|NomRevue=Seculert blog | |NomRevue=Seculert blog | ||
}} | }} |
Latest revision as of 21:30, 5 August 2015
(Publication) Google search: [1]
New Mahdi updates, new C2 server | |
---|---|
Botnet | Mahdi |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 29 aug2012 |
Editor/Conference | Seculert |
Link | http://blog.seculert.com/2012/08/new-mahdi-updates.html (Archive copy) |
Author | Seculert |
Type |
Abstract
“ As part of our joint research with Kaspersky Labs, we identified different variants, with different versions of the malware, communicating with four additional servers all located in Canada. While most of the variants communicated with these four servers, a new variant was recently found that communicated with a fifth C&C server located in Canada as well.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1140, editor = {Seculert}, author = {Seculert}, title = {New Mahdi updates, new C2 server}, date = {29}, month = Aug, year = {2012}, howpublished = {\url{http://blog.seculert.com/2012/08/new-mahdi-updates.html}}, }