Dridex learns new trick: P2P over HTTP

From Botnets.fr

Botnet: Dridex
CCProtocol: P2P
Date: 2014 / 2014-11-21
Editor/Conference: S21sec
Link: http://securityblog.s21sec.com/2014/11/dridex-learns-new-trick-P2P-over-http.html (Archive copy)
Author: S21sec Ecrime
Type: Blogpost

Abstract

After several months we finally got an answer to the question asked by our friend Roman in this post regarding the infamous Cridex/Feodo/Geodo/Dridex saga. Back then we witnessed the birth of a new Feodo variant baptized as Dridex, and just a few days ago S21sec's Ecrime department detected a new Dridex variant which incorporated noticeable changes.

Bibtex

 @misc{2014BFR2252,
   editor = {S21sec},
   author = {S21sec Ecrime},
   title = {Dridex learns new trick: P2P over HTTP},
   date = {21},
   month = Nov,
   year = {2014},
   howpublished = {\url{http://securityblog.s21sec.com/2014/11/dridex-learns-new-trick-P2P-over-http.html}},
 }