Blackhole & Cridex: season 2 episode 1: Intuit spam & SSL traffic analysis

From Botnets.fr
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

Blackhole & Cridex: season 2 episode 1: Intuit spam & SSL traffic analysis
Botnet Cridex, Feodo
Malware Bugat
Botnet/malware group
Exploit kits Blackhole
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 2012-10-04
Editor/Conference
Link http://www.deependresearch.org/2012/10/blackhole-cridex-season-2-episode-1.html (Archive copy)
Author André M. DiMino
Type

Abstract

The other day, I received another spam email, this time supposedly from Intuit. Since I know that Blackhole2 is now directing to Bugat/Feodo/Cridex banking malware, I wanted to look more closely and see what might be new. The "Intuit" email looked like this, and similar text context is shown below:

Bibtex

 @misc{DiMino2012BFR1183,
   editor = {},
   author = {André M. DiMino},
   title = {Blackhole & Cridex: season 2 episode 1: Intuit spam & SSL traffic analysis},
   date = {04},
   month = Oct,
   year = {2012},
   howpublished = {\url{http://www.deependresearch.org/2012/10/blackhole-cridex-season-2-episode-1.html}},
 }