Property:Botnet
From Botnets.fr
Jump to navigation
Jump to search
This is a property of type
Page
. Default form:
Botnet
Usage
1045
previous 500
20
50
100
250
500
next 500
Filter
<p>The <a target="_blank" rel="nofollow noreferrer noopener" class="external text" href="https://www.semantic-mediawiki.org/wiki/Help:Property_page/Filter">search filter</a> allows the inclusion of <a target="_blank" rel="nofollow noreferrer noopener" class="external text" href="https://www.semantic-mediawiki.org/wiki/Help:Query_expressions">query expressions</a> such as <code>~</code> or <code>!</code>. The selected <a target="_blank" rel="nofollow noreferrer noopener" class="external text" href="https://www.semantic-mediawiki.org/wiki/Query_engine">query engine</a> might also support case insensitive matching or other short expressions like:</p><ul><li><code>in:</code> result should include the term, e.g. '<code>in:Foo</code>'</li></ul><ul><li><code>not:</code> result should to not include the term, e.g. '<code>not:Bar</code>'</li></ul>
Showing 500 pages using this property.
C
China targets macs used by NGOs
+
Ghostnet
+
Cimbot - A technical analysis
+
Cimbot
+
Citadel : le fichier de configuration
+
Citadel
+
Citadel V1.3.5.1: enter the fort’s dungeons
+
Citadel
+
Citadel plitfi botnet report
+
Citadel
+
Citadel trojan malware analysis
+
Citadel
+
Citadel trojan touts trouble-ticket system
+
Citadel
+
Citadel: a cyber-criminal’s ultimate weapon?
+
Citadel
+
Clampi/Ligats/Ilomo trojan
+
Clampi
+
Collateral damage: Microsoft hits security researchers along with Citadel
+
Citadel
+
Conficker working group
+
Conficker
+
Coreflood botnet - Detection and remediation
+
Coreflood
+
Cracking down on botnets
+
Waledac
+
Cracking into the new P2P variant of Zeusbot/Spyeye
+
SpyEye
+
,
ZeuS
+
Cracking the encrypted C&C protocol of the ZeroAccess botnet
+
ZeroAccess
+
Crisis for Windows sneaks onto virtual machines
+
Crisis
+
Critroni crypto ransomware seen using Tor for command and control
+
CTB-Locker
+
Cross-platform Frutas RAT builder and back door
+
Frutas
+
CryptXXX: new ransomware from the actors behind Reveton, dropping via Angler
+
CryptXXX
+
,
Bedep
+
,
Reveton
+
Crypto breakthrough shows Flame was designed by world-class scientists
+
Flame
+
Crypto experts called on to crack cyberspy tool's encryption
+
Gauss
+
CryptoDefense and How Decrypt ransomware information guide and FAQ
+
CryptoDefense
+
Cutwail drives spike in malicious HTML attachment spam
+
Cutwail
+
Cyber gang seeks botmasters to wage massive wave of trojan attacks against U.S. banks
+
Prinimalka
+
D
DCWG
+
DNSChanger
+
DDoS attacks: the Zemra bot
+
Zemra
+
DDoS watch: keeping an eye on Aldi Bot
+
Aldi Bot
+
DGAs and cyber-criminals: a case study
+
Gameover
+
,
ZeuS
+
DNS: a botnet dialect
+
Morto
+
,
Feederbot
+
DaRK DDoSseR leads to Gh0st RAT
+
DaRK DDoSseR
+
,
Gh0st RAT
+
DarkMegi rootkit - sample (distributed via Blackhole)
+
DarkMegi
+
Darkness DDoS bot version identification guide
+
Darkness
+
De code van Dorifel nader bekeken
+
Dorifel
+
Demystifying Pobelka
+
SpyEye
+
,
Citadel
+
,
Pobelka
+
Department of Justice takes action to disable international botnet
+
Coreflood
+
Department of Labor strategic web compromise
+
Poison Ivy
+
Detecting extended attributes (ZeroAccess) and other Frankenstein’s monsters with HMFT
+
ZeroAccess
+
Detection and classification of different botnet C&C channels
+
Agobot
+
,
Bobax
+
,
Rustock
+
,
…
Dharma Ransomware Uses AV Tool to Distract from Malicious Activities
+
Dharma
+
Digging inside Tinba malware - A walkthrough
+
Tinba
+
Digging into the Nitol DDoS botnet
+
Nitol
+
Dirt Jumper DDoS bot increasingly popular
+
Dirt Jumper
+
Discerning relationships: the Mexican botnet connection
+
Alebrije
+
,
Tequila
+
,
Mariachi
+
,
…
Discovered: botnet costing display advertisers over six million dollars per month
+
Chameleon
+
Disorderly conduct: localized malware impersonates the police
+
Cutwail
+
,
Gema
+
Disttrack malware overwrites files, infects MBR
+
DistTrack
+
Disttrack sabotage malware wipes data at unnamed Middle East energy organization
+
DistTrack
+
Doctor Web a détecté un botnet enrôlant plus de 550 000 Mac
+
Flashback
+
Doctor Web exposes 550 000 strong Mac botnet
+
Flashback
+
Domain generation algorithms (DGA) in stealthy malware
+
Conficker
+
Dorifel crypto malware paralyzes Dutch companies and public sector
+
Citadel
+
,
Dorifel
+
Dorifel is much bigger than expected and it’s still active and growing!
+
Dorifel
+
Dorifel virus gereed voor Nederlandse banking phishing
+
Dorifel
+
Dorifel/Quervar: the support scammer’s secret weapon
+
Dorifel
+
Dorkbot: conquistando Latinoamérica
+
Dorkbot
+
Dragonfly
+
Karagany
+
,
Havex
+
Dragonfly Threat Against Western Energy Suppliers
+
Karagany
+
,
Havex
+
Dridex learns new trick: P2P over HTTP
+
Dridex
+
Duqu FAQ
+
Duqu
+
,
Stuxnet
+
Dutch users served Sinowal for lunch
+
Sinowal
+
Dyre Banking Trojan
+
Dyre
+
E
ESET analyzes first Android file-encrypting, TOR-enabled ransomware
+
Simplocker
+
EURO Winlocker
+
LockScreen.CI
+
Egypt Finfisher intrusion tools and ethics
+
Finfisher
+
Encyclopedia entry: Win32/Carberp
+
Carberp
+
Encyclopedia entry: Win32/Conficker
+
Conficker
+
Encyclopedia entry: Win32/Oderoor
+
Kraken
+
Esthost
+
DNSChanger
+
Esthost taken down - Biggest cybercriminal takedown in history
+
DNSChanger
+
Etude sur le fonctionnement du Trojan.Matsnu.1 codant les données des utilisateurs
+
Rannoh
+
Evolution of Win32Carberp: going deeper
+
Carberp
+
Exploring the market for stolen passwords
+
Andromeda
+
,
Citadel
+
F
F-Secure has discovered MiniDuke malware samples in the wild
+
MiniDuke
+
FAQ on Kelihos.B/Hlux.B sinkholing
+
Kelihos
+
FBI shuts down Coreflood botnet, zombies transmitting financial data
+
Coreflood
+
Fake FBI Ransomware analysis
+
Reveton
+
Feodo - a new botnet on the rise
+
Cridex
+
Festi botnet analysis & investigation
+
Festi
+
FighterPOS: a new one-man PoS malware campaign
+
FighterPOS
+
File infector Expiro hits US, steals FTP credentials
+
Expiro
+
First widespread virus cross-infection
+
Expiro
+
Flame, Duqu and Stuxnet: in-depth code analysis of mssecmgr.ocx
+
Duqu
+
,
Flame
+
,
Stuxnet
+
Flame: replication via Windows Update MITM proxy
+
Flame
+
Flamer analysis: framework reconstruction
+
Flame
+
Flamer: highly sophisticated and discreet threat targets the Middle East
+
Flame
+
Flamer: urgent suicide
+
Flame
+
Flashfake Mac OS X botnet confirmed
+
Flashback
+
From Sakura to Reveton via Smoke Bot - or a botnet distribution of Reveton
+
Smoke Bot
+
,
Reveton
+
Full analysis of Flame's Command & Control servers
+
Flame
+
Full analysis of Flame's command & control servers
+
Flame
+
G
Gamarue dropping Lethic bot
+
Andromeda
+
,
Lethic
+
Gameover (campaign)
+
Dirt Jumper
+
,
Gameover
+
GandCrab ransomware distributed by RIG and GrandSoft exploit kits
+
GandCrab
+
Gangstaservice Winlock Affiliate
+
Casier
+
Gauss: Nation-state cyber-surveillance meets banking Trojan
+
Flame
+
,
Gauss
+
,
Stuxnet
+
Gauss: abnormal distribution
+
Gauss
+
Get gamed and rue the day...
+
Andromeda
+
Getting more "personal" & deeper into Cridex with parfeit credential stealer infection
+
Cridex
+
Ghost Click
+
DNSChanger
+
Gimemo finally targeting USA with Camera Feature too
+
Gimemo
+
Gimemo wants to play in the big league
+
Gimemo
+
Going solo: self-propagating ZBOT malware spotted
+
ZeuS
+
Google Groups trojan
+
Grups
+
Gumblar Google-poisoning attack morphs
+
Gumblar
+
Guys behind Gauss and Flame are the same
+
Flame
+
,
Gauss
+
H
Hackers are increasingly targeting IoT Devices with Mirai DDoS Malware
+
Mirai
+
Hammertoss: stealthy tactics define a Russian cyber threat group
+
Hammertoss
+
Harnig botnet: a retreating army
+
SpyEye
+
,
ZeuS
+
,
Harnig
+
,
…
Harnig is back
+
Rustock
+
,
Harnig
+
Harvesting data on the Xarvester botmaster
+
Srizbi
+
,
Xarvester
+
Have we seen the end of the ZeroAccess botnet?
+
ZeroAccess
+
Herpes botnet
+
HerpesNet
+
HerpesNet botnet 1.7
+
HerpesNet
+
Hesperbot – A new, advanced banking trojan in the wild
+
Hesperbot
+
Hiding in plain sight: the FAKEM remote access trojan
+
FakeM
+
Hiloti: the (bot)master of disguise
+
Bredolab
+
Hive
+
Metulji
+
Hodprot: hot to bot
+
Carberp
+
,
Hodprot
+
,
Sheldor
+
,
…
How Lockergoga took down Hydro — ransomware used in targeted attacks aimed at big business
+
LockerGoga
+
How to steal a Botnet and what can happen when you do
+
Torpig
+
I
IcoScript: using webmail to control malware
+
IcoScript
+
Illuminating the Etumbot APT backdoor
+
Etumbot
+
Industrial espionage and targeted attacks: understanding the characteristics of an escalating threat
+
Nitro
+
,
Sykipot
+
,
Taidoor
+
,
…
Infamous Skynet botnet author allegedly arrested
+
Skynet
+
Inside Andromeda Bot v2.06 Webpanel / AKA Gamarue - Botnet Control Panel
+
Andromeda
+
Inside Carberp botnet
+
Carberp
+
Inside Citadel 1.3.4.5 C&C & Builder - Botnet Control Panel
+
Citadel
+
Inside Pony 1.7 / Fareit C&C - Botnet Control Panel
+
Pony
+
Inside Smoke Bot - Botnet Control Panel
+
Smoke Bot
+
Inside Smoke Bot - botnet control panel
+
Smoke Bot
+
Inside Styx exploit kit control panel
+
Urausy
+
Inside Ulocker
+
ULocker
+
Inside Upas Kit (1.0.1.1) aka Rombrast C&C - Botnet Control Panel
+
Upas
+
Inside the Grum botnet
+
Grum
+
Inside the world of the Citadel trojan
+
Citadel
+
Inside view of Lyposit aka (for its friends) Lucky LOCKER
+
Lyposit
+
Insights from the analysis of the Mariposa botnet
+
Mariposa
+
Insights into Win32/Bradop
+
Bradop
+
Interconnection of Gauss with Stuxnet, Duqu & Flame
+
Duqu
+
,
Flame
+
,
Gauss
+
,
…
International cyber ring that infected millions of computers dismantled
+
DNSChanger
+
Internet Census 2012, port scanning /0 using insecure embedded devices
+
Carna
+
Introducing Ponmocup-Finder
+
Ponmocup
+
It’s not the end of the world: DarkComet misses by a mile
+
DarkComet
+
J
Joint strike force against Dorifel
+
Dorifel
+
K
Kaptoxa point-of-sale compromise
+
Dexter
+
,
VSkimmer
+
,
BlackPOS
+
Karagny.L unpack
+
Casier
+
Kaspersky Lab et Seculert annoncent la récente découverte de « Madi », une nouvelle attaque de cyberespionnage au Moyen‑Orient
+
Madi
+
Kaspersky security bulletin 2015. Overall statistics for 2015
+
Dyre
+
,
CTB-Locker
+
,
CryptoLocker
+
,
…
Kelihos back in town using Fast Flux
+
Kelihos
+
,
Waledac
+
Kelihos botnet appears again with new variant
+
Kelihos
+
Kelihos botnet trying to expand by harnessing Russian national sentiments
+
Kelihos
+
Kelihos is dead. Long live Kelihos
+
Kelihos
+
Kelihos is dead… No wait… Long live Kelihos! Again!
+
Kelihos
+
Kelihos/Hlux botnet returns with new techniques
+
Kelihos
+
Kelihos: not alien resurrection, more attack of the clones
+
Kelihos
+
,
Storm
+
,
Waledac
+
King of spam:Festi botnet analysis
+
Festi
+
Koobface botnet master KrotReal back in business, distributes ransomware and promotes BHSEO service/product
+
Koobface
+
Koobface, un écosystème cybercriminel ou le conte des Mille et une nuits ?
+
Koobface
+
Kraken botnet infiltration
+
Kraken
+
L
Large-scale analysis of malware downloaders
+
Andromeda
+
,
Donbot
+
,
Gameover
+
,
…
Latest Kelihos botnet shut down live at RSA Conference 2013
+
Kelihos
+
Latest SpyEye botnet active and cheaper
+
SpyEye
+
Latin American banks under fire from the Mexican VOlk-botnet
+
VOlk
+
Le dropper de CTB-Locker
+
CTB-Locker
+
Leouncia - Yet another backdoor
+
Leouncia
+
Leouncia - Yet another backdoor - Part 2
+
Leouncia
+
Lights Out: Dragonfly is on the move
+
Karagany
+
,
Havex
+
Locky Ransomware switches to the Lukitus extension for Encrypted Files
+
Locky
+
,
Lukitus
+
LogPOS - new point of sale malware using mailslots
+
Backoff
+
,
Alina
+
,
LogPOS
+
,
…
Long life to Kelihos!
+
Kelihos
+
Look what I found: it's a Pony!
+
Pony
+
Luckycat
+
Wimmie
+
M
MDK: the largest mobile botnet in China
+
MDK
+
,
Bmaster
+
MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled
+
Mirai
+
MP-DDoser: A rapidly improving DDoS threat
+
MP-DDoser
+
MP-DDoser:Monitoring a rapidly improving DDoS threat
+
MP-DDoser
+
MSRT April 2014 – Ramdo
+
Ramdo
+
,
Beebone
+
MSRT June '12 - cleanup on aisle one
+
Kuluoz
+
MSRT March 2012: breaking bad
+
Dorkbot
+
MSRT November '12 - Weelsof around the world
+
Weelsof
+
MSRT September '12 - Medfos, hijacking your daily search
+
Medfos
+
MSRT march: three hioles in one
+
Andromeda
+
Maazben: best of both worlds
+
Maazben
+
Mac BackDoor.Wirenet.1 config extractor
+
Wirenet
+
Mac Flashback exploiting unpatched Java vulnerability
+
Flashback
+
Mac spyware found at Oslo Freedom Forum
+
HangOver
+
Madi is back - New Tricks and a new Command&Control server
+
Madi
+
Mahdi malware finds 150 new targets including U.S. and Germany, gets more evasive
+
Madi
+
Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode
+
ZeroAccess
+
Malware 2 - from infection to persistence
+
Carberp
+
Malware Uses Google Go Language
+
Encriyoko
+
Malware analysis Rannoh/Matsnu
+
Rannoh
+
Malware analysis of the Lurk downloader
+
Lurk
+
,
KINS
+
Malware attacking POS systems
+
Dexter
+
Malware discovered developed with Google's "Go" programming language
+
Encriyoko
+
Malware evolving to defeat anti-DDoS services like CloudFlare?
+
OutFlare
+
Malware for everyone - Aldi Bot at a discount price
+
Aldi Bot
+
Malware hunting with the Sysinternals tools
+
Stuxnet
+
Malware pandemics
+
Conficker
+
,
IKee.B (botnet)
+
Malware targeting Windows 8 uses Google Docs
+
Makadocs
+
Mariposa botnet 'mastermind' jailed in Slovenia
+
Mariposa
+
Massive Drop in number of active Zeus C&C servers
+
ZeuS
+
Massive search fraud botnet seized by Microsoft and Symantec
+
Bamital
+
Mastermind behind Gozi bank malware charged along with two others
+
Gozi
+
McAfee Labs threat advisory : W32.Pinkslipbot
+
Akbot
+
Measuring and detecting Fast-Flux service networks
+
Storm
+
Measuring botnet populations
+
Conficker
+
,
Miner
+
Mebromi
+
Sinowal
+
Meet ProPack Exploit Pack - yes that's a lot of pack
+
Lyposit
+
Meet ‘Flame’, the massive spy malware infiltrating Iranian computers
+
Flame
+
Members of the largest criminal group engaged in online banking fraud are detained
+
Carberp
+
Mexican Twitter-controlled botnet unpicked
+
Alebrije
+
,
Tequila
+
,
Mariachi
+
,
…
Microsoft and Symantec take down Bamital botnet that hijacks online searches
+
Bamital
+
Microsoft and financial services industry leaders target cybercriminal operations from ZeuS botnets
+
SpyEye
+
,
ZeuS
+
,
Ice-IX
+
Microsoft disrupts the emerging Nitol botnet being spread through an unsecure supply chain
+
Nitol
+
Microsoft neutralizes Kelihos botnet, names defendant in case
+
Kelihos
+
Microsoft partners with Interpol, industry to disrupt global malware attack affecting more than 770,000 PCs in past six months
+
Simda
+
Miniduke
+
MiniDuke
+
MoVP 1.3 Desktops, heaps, and ransomware
+
Accdfisa
+
,
Tigger
+
Mocbot spam analysis
+
Mocbot
+
,
Ranky
+
Monkif botnet hides commands in JPEGs
+
Monkif
+
More Flame/Skywiper CNC behavior uncovered
+
Flame
+
More details of the Dorifel servers
+
Dorifel
+
Morto worm sets a (DNS) record
+
Morto
+
Mpack installs ultra-invisible trojan
+
Srizbi
+
Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication
+
Avatar
+
N
NASK shuts down dangerous Virut botnet domains
+
Virut
+
NGRBot spreads via chat
+
Dorkbot
+
Necurs Quick Analysis
+
Necurs
+
Nepalese government websites compromised to serve Zegost RAT
+
Zegost
+
NetTraveler APT gets a makeover for 10th birthday
+
NetTraveler
+
NetTraveler is back: the 'Red Star' APT returns with new tricks
+
NetTraveler
+
New Apple Mac trojan called OSX/Crisis discovered
+
Crisis
+
New CryptoLocker spreads via removable drives
+
CryptoLocker
+
New Duqu sample found in the wild
+
Duqu
+
New GamaPoS malware piggybacks on Andromeda botnet; spreads in 13 US states
+
GamaPoS
+
New IE Zero-Day used in targeted attacks
+
Pirpi
+
New IceIX (ZeuS variant) changes its encryption method (again)
+
ZeuS
+
,
IceIX
+
New Mac malware discovered on attendee computer at anti-surveillance workshop
+
HangOver
+
New Mahdi updates, new C2 server
+
Mahdi
+
New POS malware emerges - Punkey
+
NewPOSThings
+
,
Punkey
+
New PoS malware “Backoff” targets US
+
Backoff
+
,
Alina
+
New RATs emerge from leaked Njw0rm source code
+
Njw0rm
+
,
Kjw0rm
+
,
Sir DoOom
+
New Thor botnet nearly ready to be sold, price $8,000
+
Thor
+
New Xtreme RAT attacks US, Israel, and other foreign governments
+
Xtreme RAT
+
New crimeware attacks LatAm bank users
+
PiceBOT
+
,
VOlk
+
,
S.A.P.Z.
+
New crypto-ransomware JIGSAW plays nasty games
+
Jigsaw
+
New crypto-ransomware emerge in the wild
+
CTB-Locker
+
,
Cryptoblocker
+
New point-of-sale malware distributed by Andromeda botnet
+
GamaPoS
+
New ransomware plays its victims an audio file, over and over and over…
+
Jagfu
+
New trojan found: Admin.HLP leaks organizations data
+
Admin.HLP
+
New virus SMSZombie.A discovered by TrustGo Security Labs
+
SMSZombie
+
NewPosThings has new PoS things
+
NewPOSThings
+
Newly detected Crisis virus infects Windows, Macs and virtual machines
+
Crisis
+
Ngrbot steals information and mine Bitcoins
+
Dorkbot
+
NitlovePOS: another new POS malware
+
NitlovePOS
+
Nitol DDoS botnet discovered in China
+
Nitol
+
NjRAT & H-Worm variant infections continue to rise
+
Njw0rm
+
,
NjRAT
+
Now you Z-(eus) it, now you don’t: ZeuS bots silently upgraded to Citadel
+
Citadel
+
,
ZeuS
+
Nuevo botnet contra Mexico: Karn!v0r3x
+
Karn!v0r3x
+
Nymaim - obfuscation chronicles
+
Nymaim
+
O
OSX Kitmos analysis
+
HangOver
+
OSX.Iservice technical details
+
IBotnet
+
OSX.iService its not going to iWork for you
+
IBotnet
+
OSX/Crisis has been used as part of a targeted attack
+
Crisis
+
OSX/Flashback - The first malware to infect hundreds of thousands of Apple Mac
+
Flashback
+
Obama order sped up wave of cyberattacks against Iran
+
Stuxnet
+
Olmasco bootkit: next circle of TDL4 evolution (or not)
+
TDL-4
+
,
TDSS
+
On botnets that use DNS for command and control
+
Agobot
+
,
SDBot
+
,
RBot
+
,
…
On the analysis of the ZeuS botnet crimeware toolkit
+
ZeuS
+
One Sinowal trojan + one gang = hundreds of thousands of compromised accountS
+
Torpig
+
,
Sinowal
+
One bot to rule them all
+
Ainslot
+
One-man PoS malware operation captures 22,000 credit card details in Brazil
+
FighterPOS
+
Operation Socialist The Inside Story Of How British Spies Hacked Belgium’s Largest Telco
+
Regin
+
Operation b107
+
Rustock
+
Operation b49
+
Waledac
+
Operation b54
+
Citadel
+
Operation b58
+
Bamital
+
Operation b70
+
Nitol
+
Operation b71
+
SpyEye
+
,
ZeuS
+
,
IceIX
+
Operation b79
+
Kelihos
+
OphionLocker: Joining in the Ransomware Race
+
OphionLocker
+
Over 9 million PCs infected - ZeroAccess botnet uncovered
+
ZeroAccess
+
Overcoming reputation and proof-of-work systems in botnets
+
Storm
+
Overview: inside the ZeuS trojan’s source code
+
ZeuS
+
Owning Kraken zombies
+
Kraken
+
P
P2P botnet Kelihos.B with 100.000 nodes sinkholed
+
Kelihos
+
PETYA crypto-ransomware overwrites MBR to lock users out of their computers
+
Petya
+
Panda Security uncovers bot-killing malware
+
Ainslot
+
,
DarkComet
+
,
ZeuS
+
,
…
Panel Gendarmerie
+
Epubb
+
Panel Supern0va et virus gendarmerie
+
Supern0va
+
Panel Virus Gendarmerie : Ratio 0.36%
+
Undefined-10
+
Petya ransomware skips the files and encrypts your hard drive instead
+
Petya
+
Pitou, The “silent” resurrection of the PITOU notorious Srizbi kernel spambot
+
Pitou
+
,
Srizbi
+
,
Turla
+
Playing cops & robbers with banks & browsers
+
ZeuS
+
PlugX malware: A good hacker is an apologetic hacker
+
PlugX
+
PlugX: new tool for a not so new campaign
+
PlugX
+
PlugX: some uncovered points
+
PlugX
+
PoS RAM scraper malware; past, present and future
+
Backoff
+
,
Dexter
+
,
Alina
+
,
…
Poison Ivy 2.3.0 Documentation
+
Poison Ivy
+
Poison Ivy: assessing damage and extracting intelligence
+
Poison Ivy
+
PoisonIvy adapts to communicate through authentication proxies
+
Poison Ivy
+
PokerAgent botnet stealing over 16,000 Facebook credentials
+
PokerAgent
+
Police Trojan crosses the Atlantic, now targets USA and Canada
+
Goldenbaks
+
,
Silent Winlocker
+
Ponmocup analysis
+
Ponmocup
+
Post-mortem of a zombie: Conficker cleanup after six years
+
Conficker
+
Pramro and Sality - two PEs in a pod
+
Pramro
+
,
Sality
+
Probing the Gozi-Prinimalka campaign
+
Gozi
+
,
Prinimalka
+
Pushdo botnet gets DGA update, over 6,000 machines host new variant
+
Cutwail
+
,
Pushdo
+
Q
Qadars: un nouveau malware bancaire avec un composant mobile
+
Qadars
+
Quervar – Induc.C reincarnate
+
Dorifel
+
QuickPost: Flame & Volatility
+
Flame
+
R
REVETON Ransomware Spreads with Old Tactics, New Infection Method
+
Reveton
+
RIG exploit kit strikes oil
+
Cryptowall
+
Ramnit goes social
+
Ramnit
+
Ransom.II - UGC payment for USA - Windows Genuine impersonation for DE
+
Ransom.II
+
Ransomware : Smile you're on camera - Reveton.C new landing pages
+
Reveton
+
Ransomware : la sulfureuse hypothèse sur la situation chez Norsk Hydro
+
LockerGoga
+
Ransomware Casier - Sharing Design with Lyposit - Gaelic & Persian (
+
Lyposit
+
,
Casier
+
Ransomware Fake Microsoft Security Essentials
+
Ransom.JU
+
Ransomware and Silence Locker control panel
+
Silence Locker
+
Ransomware crimeware kits
+
Silence Locker
+
Ransomware gets professional, targeting Switzerland, Germany and Austria
+
Gimemo
+
Ransomware or Wiper? LockerGoga Straddles the Line
+
LockerGoga
+
Ransomware report: the rise of BandarChor
+
BandarChor
+
Ransomware « Trojan.Casier » Panel
+
Casier
+
Ransomware ‘Holds Up’ victims
+
Rannoh
+
Ransomware: playing on your fears
+
Gema
+
Red October
+
Rocra
+
Relentless Zbot and anti-emulations
+
ZeuS
+
Researchers: Bredolab still lurking, though severely injured
+
Bredolab
+
,
TDL-3
+
,
TDSS
+
Reversing Andromeda-Gamarue botnet
+
Andromeda
+
Reversing malware loaders - The Matsnu-A Case
+
Rannoh
+
Reversing the wrath of Khan
+
Khan
+
Reveton += HU, LV, SK, SI, TR (!), RO - So spreading accross Europe with 6 new Design
+
Reveton
+
Reveton Autumn Collection += AU,CZ, IE, NO & 17 new design
+
Reveton
+
Reveton can speak now !
+
Reveton
+
Reveton.A
+
Reveton
+
Richard Clarke on who was behind the Stuxnet attack
+
Stuxnet
+
Rmnet.12 created a million Windows computer botnet
+
Ramnit
+
Rovnix Reloaded: new step of evolution
+
Carberp
+
Rovnix bootkit framework updated
+
Rovnix
+
Rovnix.D: the code injection story
+
Rovnix
+
S
SDBot IRC botnet continues to make waves
+
SDBot
+
SIM-ple: mobile handsets are weak link in latest online banking fraud scheme
+
SpyEye
+
,
ZeuS
+
,
Gozi
+
SIRv12
+
SpyEye
+
,
Bamital
+
,
Conficker
+
,
…
SIRv12: the obstinacy of Conficker
+
Conficker
+
SKyWIper: A complex malware for targeted attacks
+
Flame
+
SamSam Ransomware Evolves Its Tactics Towards Targeting Whole Companies
+
SamSam
+
SamSam ransomware designed to inundate targeted networks with thousands of copies of itself
+
SamSam
+
Saudi Aramco hit by computer virus
+
DistTrack
+
Scareware locks down computer due to child porn and terrorism
+
Goldenbaks
+
Secrets of the Comfoo masters
+
Comfoo
+
Security alert: SpamSoldier
+
SpamSoldier
+
Security experts detected new Twitter-controlled botnet
+
Alebrije
+
,
Tequila
+
,
Mariachi
+
,
…
Shamoon the Wiper in details
+
Shamoon
+
Shamoon the Wiper: further details (Part II)
+
Shamoon
+
Shamoon the wiper - copycats at work
+
Shamoon
+
,
EraseMBR
+
Shylock financial malware back 'with a vengeance'
+
Shylock
+
Sinowal analysis (Windows 7, 32-bit)
+
Torpig
+
Sinowal: MBR rootkit never dies! (and it always brings some new clever features)
+
Torpig
+
Skunkx DDoS bot analysis
+
Skunkx
+
Skynet, a Tor-powered botnet straight from Reddit
+
Skynet
+
Smartcard vulnerabilities in modern banking malware
+
Carberp
+
,
Ranbyus
+
Sony PlayStation's site SQL injected, redirecting to rogue security software
+
Asprox
+
Sony/Destover: mystery North Korean actor’s destructive and past network activity
+
Destover
+
Sopelka Botnet: three banking trojans and one banking panel
+
Citadel
+
,
Cridex
+
,
Tatanga
+
,
…
Source Code for IoT Botnet ‘Mirai’ Released
+
Mirai
+
,
Bashlight
+
Spam botnets: The fall of Grum and the rise of Festi
+
Cutwail
+
,
Festi
+
,
Grum
+
Spambot evolution 2011
+
Cutwail
+
,
Asprox
+
,
Bagle
+
,
…
Spread of Darkness...Details on the public release of the Darkness DDoS bot
+
Darkness
+
SpyEye being kicked to the curb by its customers?
+
SpyEye
+
,
ZeuS
+
,
IceIX
+
Stealthy peer-to-peer C&C over SMB pipes
+
Duqu
+
Stealthy router-based botnet worm squirming
+
Psybot
+
Stolen passwords allowed hackers to steal over one billion rubles
+
RDPdoor
+
Symantec/Android.Ackposts
+
Ackposts
+
Symantec/Android.Maistealer
+
Maistealer
+
Symantec/Backdoor.Arcomrat
+
Arcom
+
Symantec/W32.Zorenium
+
Zorenium
+
T
TDI - a new element in old TDSS story
+
TDSS
+
TDL3 : The rootkit of all evil
+
TDSS
+
TDL3 : Why so serious
+
TDSS
+
TDL4 - Top Bot
+
TDL-4
+
TDL4 reloaded: Purple Haze all in my brain
+
TDL-4
+
TDSS botnet: full disclosure
+
TDSS
+
TR-24 analysis - Destory RAT family
+
Destory
+
,
PlugX
+
,
Sogu
+
,
…
Takeover of Virut domains
+
Virut
+
Taking down botnets: Microsoft and the Rustock botnet
+
Rustock
+
Tales from Crisis, Chapter 1: The dropper’s box of tricks
+
Crisis
+
Tales from Crisis, Chapter 2: Backdoor’s first steps
+
Crisis
+
Tales from Crisis, Chapter 3: The Italian rootkit job
+
Crisis
+
Tales from Crisis, Chapter 4: a ghost in the network
+
Crisis
+
Targeted attacks and Ukraine
+
MiniDuke
+
Targeted destructive malware explained: Troj/Mdrop-ELD
+
DistTrack
+
Targeted information stealing attacks in South Asia use email, signed binaries
+
HangOver
+
Tatanga attack exposes chipTAN weaknesses
+
Tatanga
+
Tatanga: a new banking trojan with MitB functions
+
Tatanga
+
The "Red October" campaign - An advanced cyber espionage network targeting diplomatic and government agencies
+
Rocra
+
The 'Penquin' Turla
+
Turla
+
The ACCDFISA malware family – Ransomware targeting Windows servers
+
Accdfisa
+
The ACCDFISA malware family – Ransomware targetting Windows servers
+
Accdfisa
+
The Andromeda/Gamarue botnet is on the rise again
+
Andromeda
+
The Coreflood report
+
Coreflood
+
The Cridex trojan targets 137 financial organizations in one go
+
SpyEye
+
,
Carberp
+
,
Cridex
+
,
…
The DGA of Symmi
+
Beebone
+
The Dorkbot rises
+
Dorkbot
+
The Epic Turla operation
+
Turla
+
The Flame: questions and answers
+
Flame
+
The IMDDOS botnet: discovery and analysis
+
IMDDOS
+
The Madi campaign - Part II
+
Madi
+
The Miner botnet: Bitcoin mining goes peer-to-peer
+
Miner
+
The MiniDuke mystery: PDF 0-day government spy assembler 0x29A micro backdoor
+
MiniDuke
+
The Mirage campaign
+
Mirage
+
The Pobelka botnet - a command and control case study
+
Citadel
+
,
Pobelka
+
The Sality botnet
+
Cutwail
+
,
Maazben
+
,
Rustock
+
,
…
The Target breach by the numbers
+
BlackPOS
+
The Waledac protocol: the how and why
+
Waledac
+
The ZeroAccess botnet revealed
+
ZeroAccess
+
The ZeroAccess botnet: mining and fraud for massive financial gain
+
ZeroAccess
+
The ZeroAccess rootkit
+
ZeroAccess
+
The anatomy of a botnet
+
YoYo
+
The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet
+
Waledac
+
The case of TDL3
+
TDSS
+
The evolution of webinjects
+
SpyEye
+
,
ZeuS
+
The first trojan in history to steal Linux and Mac OS X passwords
+
Wirenet
+
The graphic design of "Maktub Locker" ransomware
+
Maktub Locker
+
The growing threat to business banking online
+
Clampi
+
The lifecycle of peer-to-peer (Gameover) ZeuS
+
Cutwail
+
,
Dirt Jumper
+
,
Gameover
+
,
…
The most sophisticated Android trojan
+
Obad
+
The mystery of Duqu framework solved
+
Duqu
+
The mystery of Duqu: part five
+
Duqu
+
The mystery of Duqu: part one
+
Duqu
+
,
Stuxnet
+
The mystery of Duqu: part six (the command and control servers)
+
Duqu
+
The mystery of Duqu: part ten
+
Duqu
+
The mystery of Duqu: part three
+
Duqu
+
The mystery of Duqu: part two
+
Duqu
+
The mystery of the Duqu framework
+
Duqu
+
The real face of Koobface: the largest web 2.0 botnet explained
+
Koobface
+
The rise of TOR-based botnets
+
Atrax
+
,
PTA
+
The tigger trojan: icky, sticky stuff
+
Tigger
+
The underground economy of spam: a botmaster's perspective of coordinating large-scale spam campaigns
+
Cutwail
+
The where and why of Hlux
+
Bredolab
+
,
Kelihos
+
,
Virut
+
,
…
The world's biggest botnets
+
RBot
+
,
Bobax
+
,
Storm
+
The ‘Madi’ infostealers - a detailed analysis
+
Madi
+
The ‘advertising’ botnet
+
Renos
+
The “Hikit” rootkit: advanced and persistent attack techniques (part 1)
+
Hikit
+
The “Hikit” rootkit: advanced and persistent attack techniques (part 2)
+
Hikit
+
Three month FrameworkPOS malware campaign nabs ~43,000 credit cards from point of sale systems
+
FrameworkPOS
+
Tilon-son of Silon
+
Silon
+
,
Tilon
+
Tilon/SpyEye2 intelligence report
+
Silon
+
,
Tilon
+
TinyNuke may be a ticking time bomb
+
TinyNuke
+
Top 50 bad hosts & networks 2011 Q4
+
Dirt Jumper
+
,
ZeuS
+
Top spam botnets exposed
+
Cutwail
+
,
Bobax
+
,
Grum
+
,
…
Torpig - Back to the future or how the most sophisticated trojan in 2008 reinvents itself
+
Torpig
+
TorrentLocker ransomware uses email authentication to refine spam runs
+
TorrentLocker
+
Tracking down the author of the PlugX RAT
+
PlugX
+
Travnet botnet steals huge amount of sensitive data
+
Travnet
+
Travnet trojan could be part of APT campaign
+
Travnet
+
TreasureHunt: a custom POS malware tool
+
TreasureHunt
+
Trend Micro discovers MalumPoS; malware targeting hotels and other US industries
+
MalumPoS
+
Trojan ChePro, the CPL storm
+
ChePro
+
Trojan Nap aka Kelihos/Hlux - Feb. 2013 status update
+
Kelihos
+
Trojan downloaders on the rise: don’t let Locky or TeslaCrypt ruin your day
+
TeslaCrypt
+
,
Locky
+
,
Nemucod
+
Trojan horse using sender policy framework
+
Spachanel
+
Trojan on the loose: an in-depth analysis of police trojan
+
Goldenbaks
+
Trojan.Prinimalka: bits and pieces
+
Gozi
+
,
Prinimalka
+
Trojan.Ransomgerpo criminal arrested
+
Ransom.EY
+
Trojan.Taidoor takes aim at policy think tanks
+
Taidoor
+
Trojan.Tatanarg.B careful!
+
Tatanarg
+
,
Spamuzle
+
Trojan.Whitewell: what’s your (bot) Facebook status today?
+
Whitewell
+
Trojan.ZeroAccess infection analysis
+
ZeroAccess
+
Trusteer warns of new two headed trojan attack against online banks
+
Silon
+
Twitter + Pastebin = malware update
+
Sninfs
+
U
Under the hood of Carberp: Malware & configuration analysis
+
Carberp
+
Unexpected reboot: Necurs
+
Necurs
+
Unveiling an Indian cyberattack infrastructure - a special report
+
HangOver
+
Unveiling the network criminal infrastructure of TDSS/TDL4 - DGAv14: a case study on a new TDSS/TDL4 variant
+
TDL-4
+
,
DGAv14
+
Upas Kit (aka Rombrast) integrates webinjects
+
Upas
+
Upatre, Dyre used in Univ. of Florida attack
+
Dyre
+
,
Upatre
+
Update to Citadel : 1.3.5.1 Rain Edition.
+
Citadel
+
Update to Citadel : v.1.3.4.5
+
Citadel
+
Urausy has big plan for Europe - Targeting 3 new countries among which Norway !
+
Urausy
+
Urausy improving its localization - A (the\?) Gaelic Ransomware with Interpol impersonation as default landing
+
Urausy
+
Urausy ransomware - July 2013 design refresh - "Summer 2013 collection"
+
Urausy
+
Urausy: Colorfull design refresh (+HR) & EC3 Logo
+
Urausy
+
V
VOlk-botnet takes over Latin America
+
VOlk
+
Vawtrak gains momentum and expands targets
+
Neverquest
+
,
Gozi
+
,
Prinimalka
+
Versatile and infectious: Win64/Expiro is a cross-platform file infector
+
Expiro
+
VinSelf - A new backdoor in town
+
VinSelf
+
ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar
+
ViperRAT
+
Virus Gendarmerie : variante Office Centrale de Luttre contre la criminalité – controle informationnel
+
Epubb
+
Virut malware fuels Waledac botnet resurgence
+
Virut
+
,
Waledac
+
W
W32.Duqu, the precursor to the next Stuxnet
+
Duqu
+
W32.Flamer: spreading mechanism tricks and exploits
+
Flame
+
W32.Qakbot in detail
+
Akbot
+
W32.Shadesrat (Blackshades) author arrested
+
BlackShades
+
W32.Stuxnet dossier
+
Stuxnet
+
W32.Tinba (Tinybanker) The turkish incident
+
Tinba
+
W32.Xpaj.B: making easy money from complex code
+
Xpaj
+
Waledac Botnet - Deployment and Communication Analysis
+
Waledac
+
Navigation menu
Personal tools
Log in
Namespaces
Property
Discussion
Variants
Views
Read
View source
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
What links here
Related changes
Upload file
Special pages
Printable version
Permanent link
Page information
Browse properties