Difference between revisions of "Waledac gets cozy with Virut"
Jump to navigation
Jump to search
m (1 revision imported) |
Revision as of 16:29, 7 February 2015
(Publication) Google search: [1]
| Waledac gets cozy with Virut | |
|---|---|
| Botnet | Virut, Waledac |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2013 / 2013-01-14 |
| Editor/Conference | Symantec |
| Link | http://www.symantec.com/connect/blogs/waledac-gets-cozy-virut www.symantec.com (www.symantec.com Archive copy) |
| Author | Denis Carmody |
| Type | Blogpost |
Abstract
“ During our further analysis of recent Virut samples, we observed the virus downloading a botnet variant named Waledac (also know Kelihos), which Symantec detects as W32.Waledac.D. The Waledac family is a threat that has been monitored by Symantec for many years and was featured in numerous blogs as well as a white paper. In the past, the Waledac botnet has also been subject to takedown efforts from the security community to curtail its operations. On each occasion the miscreants behind the botnet were able to recover from these disruptions and continue their operations, distributing spam and performing other malicious functions.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1281,
editor = {Symantec},
author = {Denis Carmody},
title = {Waledac gets cozy with Virut},
date = {14},
month = Jan,
year = {2013},
howpublished = {\url{http://www.symantec.com/connect/blogs/waledac-gets-cozy-virut www.symantec.com}},
}