Search results

Results 1 – 66 of 132

Page title matches

Page text matches

  • ...ution, regarding C&C traffic obfuscation. The botnet owners placed their C&C server, which uses the common IRC protocol, as a hidden service inside of t
    532 bytes (75 words) - 19:18, 3 August 2015
  • ...d taken offline, a single C&C in Russia (proobizz.cc) has remained. This C&C, and the bots communicating with it, are carrying out the last command issu
    592 bytes (81 words) - 00:42, 31 July 2015
  • |Description=Logging information is sent to the C&C
    93 bytes (12 words) - 13:48, 8 August 2015
  • |Description=Webmail used as a C&C medium
    89 bytes (12 words) - 15:50, 3 August 2015
  • |Feature=Encrypt files, Encrypt without C&C connection,
    158 bytes (21 words) - 11:39, 23 March 2016
  • |Introduction=* Seen using Yahoo webmail as C&C
    137 bytes (19 words) - 15:16, 18 July 2015
  • ...f old C&C channels, decides to pick up Facebook as a coordinator for the C&C server. I use the word “coordinator” because the Trojan only receives s
    812 bytes (121 words) - 11:13, 3 August 2015
  • ...er in India, located at an ISP called Webwerks. Since then, another Duqu C&C server has been discovered which was hosted on a server at Combell Group Nv ...rvers were used as part of the infrastructure, some of them used as main C&C proxies while others were used by the attackers to jump around the world an
    1 KB (211 words) - 04:57, 19 August 2015
  • |Author=Christian J. Dietrich, Christian Rossow, Felix C. Freiling, Herbert Bos, Maarten van Steen, Norbert Pohlmann, ...ion, we correctly detected DNS C&C in mixed office workstation network traffic.
    1,003 bytes (130 words) - 14:14, 31 July 2015
  • ...duction=Related to [[sibling::Leouncia]] (registration of the C&C domain name)
    260 bytes (28 words) - 15:44, 8 August 2015
  • |Image=Detection and Classification of Different Botnet C&C Channels.png ...[botnet]] [[C&C]] traffic is inherently different from legitimate network traffic. The best performance of our detection system has an overall accuracy of 0.
    1 KB (207 words) - 21:49, 30 July 2015
  • ...I checked the script – everything looked ok. So the massive drop of ZeuS C&C server is fact. I noticed that six of the worst ZeuS hosting ISP suddenly
    536 bytes (93 words) - 00:50, 22 August 2015
  • ...groups is relatively common, but this is the first instance of newsgroup C&C usage that Symantec has detected.
    931 bytes (139 words) - 14:42, 3 August 2015
  • ...command-and-control (C&C) channel. In this article we explore the Mocbot C&C in order to gain a better understanding of the reason for Mocbot's existenc The C&C servers, bniu.househot.com and ypgw.wallloan.com have been published in mos
    949 bytes (149 words) - 12:46, 31 July 2015
  • ...Banking credential theft, Man in the browser, Backconnect server, Custom C&C encryption algorithm, Domain generation algorithm,
    315 bytes (40 words) - 05:29, 12 August 2015
  • ...ct=This post is about the first network communication of Crisis with the C&C server. The reason why I think it’s very useful to write about it is that ...he C&C server is an authentication request. In the sample I have the C&C server was located at the IP address 176.58.100.37. The communication is vi
    1 KB (168 words) - 21:31, 5 August 2015
  • ...he main server controlled by the attackers, this server is not a typical C&C in its functionalities, but is mainly a collector of information from the d
    1 KB (193 words) - 05:28, 12 August 2015
  • botnet detection approaches work only on specific botnet command and control (C&C) protocols (e.g.,
    2 KB (262 words) - 22:28, 5 August 2015
  • ...out to a handful of the candidates in a vain attempt to locate an active C&C server.
    1 KB (174 words) - 05:24, 12 August 2015
  • ...ands embedded in HTML pages and image files. W32.Morto has added another C&C communication vector by supplying remote commands through Domain Name Syste
    882 bytes (136 words) - 21:37, 30 July 2015
  • |Infrastructure=* C&C related to domains androfox.com and androfox.tk
    385 bytes (48 words) - 15:46, 8 August 2015
  • ...in the botnet, moving the network architecture away from a simple bot-to-C&C system and introducing the beginnings of a peer-to-peer model. This new var ...e to contact other peers to receive configuration files with URLs of new C&C servers.
    2 KB (381 words) - 05:27, 12 August 2015
  • ...compiled in 2002; however, their C&C was registered in August 2001. Other C&Cs used by the Equation group appear to have been registered as early as 19
    764 bytes (114 words) - 00:08, 17 February 2015
  • Skilled attackers are burrowing their command and control (C&C) servers inside the networks of compromised businesses in order to circumve ...helps attackers to stay stealthy as they exfiltrate data, as very little C&C traffic is leaving the network.
    2 KB (230 words) - 22:48, 5 August 2015
  • ...cted a repacked Win32/Rootkit.Avatar with an active command and control (C&C) server. In this blog post we confirm that Avatar in-the-wild activity cont
    942 bytes (133 words) - 20:22, 30 July 2015
  • * [[feature::Upload minidump]] crash dump to C&C for debugging
    378 bytes (47 words) - 06:41, 14 August 2015
  • ...useful way to use the hidden service protocol is for communicating with C&C, getting update for configuration information, or downloading additional ma
    1 KB (170 words) - 18:18, 3 August 2015
  • ...ommunication used is handcrafted (a 232-byte binary blob sent to the C&C). The encryption appears to be based on a substitution table whose variabl
    1 KB (194 words) - 15:49, 8 August 2015
  • ...s the command and control (C&C) structure used between them. Utilizing a C&C communication channel for data exfiltration, while previously rare, has bec
    1 KB (158 words) - 11:25, 18 July 2015
  • |Introduction=Infinity is an HTTP-based loader / botnet written in C++. |Language1=C++
    482 bytes (67 words) - 01:44, 31 July 2015
  • The loader is written in C++ using Code::Blocks with the mingw compiler.<br /> |[[File:Vertexpanel.png|200px|thumb|left|VertexNet C&C]]
    734 bytes (113 words) - 15:48, 8 August 2015
  • ...servers, a new variant was recently found that communicated with a fifth C&C server located in Canada as well.
    546 bytes (78 words) - 21:30, 5 August 2015
  • |Abstract=Leouncia's C&C payload decryption consists of two major phases. The first part is the form
    496 bytes (69 words) - 21:50, 5 August 2015
  • ...will also skip files found in the folders C:\WINDOWS, C:\PROGRAM FILES, and C:\PROGRAM FILES (X86).
    977 bytes (136 words) - 22:13, 5 August 2015
  • ...device as a zombie device that connects to specific command and control (C&C) servers. What is also noteworthy about this file is that it hides its rout
    627 bytes (85 words) - 22:13, 5 August 2015
  • |Abstract=I was recently sent a .pcap file of a bot's C&C communications. Every 182 seconds, the bot would download a GIF file from v
    513 bytes (75 words) - 12:04, 31 July 2015
  • ...er is to retrieve a destination number and related message body from the C&C servers. Once received, it composes the message and sends it out in the bac
    1 KB (178 words) - 12:48, 31 July 2015
  • * C&C contact on link like: svpembtywvrc.eu /gate.php?cmd=ping&botnet=be1&userid=
    542 bytes (74 words) - 15:47, 8 August 2015
  • ...blog post I'm going to focus on the creation timeline, exfiltration, and C&C.
    601 bytes (92 words) - 11:41, 18 July 2015
  • ...ns multiple different networks in Europe, US and Asia. While most of the C&C IP addresses have been associated in the past with illicit operations (i.e. ...sing the GTISC sinkhole infrastructure to verify what we infer about its C&C communication channels and growth. As of today we have observed close to 20
    2 KB (412 words) - 22:23, 2 August 2015
  • ...blicly available information. That helped our understanding of where the C&C servers were located and how they were registered. ...new information that was collected during forensic analysis of the Flame C&C servers. This investigation was done in partnership with Symantec, ITU-IMPA
    2 KB (272 words) - 18:57, 7 February 2015
  • ...jan horse. It receives and executes commands from a command-and-control (C&C) server and it gathers information from the compromised computer including
    658 bytes (88 words) - 21:43, 5 August 2015
  • |Programming language=C, ASM
    130 bytes (14 words) - 07:04, 15 July 2021
  • ...alware that appears to be using Evernote as a communication and control (C&C) server. Detected as BKDR_VERNOT.A, the malware attempts to connect to Ever
    721 bytes (100 words) - 12:30, 3 August 2015
  • ...ctually the “main” function that implements all the logics of contacting C&C servers, receiving additional payload modules and executing them. The most ...ns and user-written code, except the biggest slice that contains most of C&C interaction code.
    2 KB (256 words) - 18:48, 8 February 2015
  • ...d computer. The Flamer attackers were still in control of at least a few C&C servers, which allowed them to communicate with a specific set of compromis ...ontrol server to acquire additional commands. Following the request, the C&C server shipped them a file named browse32.ocx. This file can be summarized
    2 KB (281 words) - 21:47, 5 August 2015
  • ...campaigns. The attackers behind this campaign maintain a diverse set of C&C infrastructure and leverages anonymity tools to obfuscate
    752 bytes (105 words) - 03:44, 19 August 2015
  • ...binaries and the amount of logging information that is sent back to the C&C.
    1 KB (171 words) - 16:27, 7 February 2015
  • ...ration, which disabled the botnet and its backup infrastructure from the C&C.
    1 KB (232 words) - 19:00, 7 February 2015
  • |Link=http://c-apt-ure.blogspot.fr/2012/06/introducing-ponmocup-finder.html c-apt-ure.blogspot.fr |NomRevue=c-APT-ure
    691 bytes (95 words) - 16:27, 7 February 2015
