New Mahdi updates, new C2 server
Revision as of 23:12, 30 August 2012 by Eric.freyssinet (talk | contribs)
(Publication) Google search: [1]
New Mahdi updates, new C2 server | |
---|---|
Botnet | Mahdi |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 29 août 2012 |
Editor/Conference | Seculert |
Link | http://blog.seculert.com/2012/08/new-mahdi-updates.html blog.seculert.com (blog.seculert.com Archive copy) |
Author | Seculert |
Type |
Abstract
“ As part of our joint research with Kaspersky Labs, we identified different variants, with different versions of the malware, communicating with four additional servers all located in Canada. While most of the variants communicated with these four servers, a new variant was recently found that communicated with a fifth C&C server located in Canada as well.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1140, editor = {Seculert}, author = {Seculert}, title = {New Mahdi updates, new C2 server}, date = {Error: Invalid time.}, month = Error: Invalid time., year = {2012}, howpublished = {\url{http://blog.seculert.com/2012/08/new-mahdi-updates.html blog.seculert.com}}, }