From Georgia, with love Win32/Georbot

From Botnets.fr
Jump to navigation Jump to search

(Publication) Google search: [1]

From Georgia, with love Win32/Georbot
From Georgia with love.png
Botnet
Malware Georbot
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 /
Editor/Conference ESET
Link http://blog.eset.com/wp-content/media files/ESET win32georbot analysis final.pdf blog.est.com (pdf) (blog.est.com (pdf) Archive copy)
Author
Type

Abstract

At the beginning of the year, a curious piece of malware came to our attention. An analyst in our virus laboratory

noticed that it was communicating with a domain belonging to the government of Georgia to retrieve updates. Analysis revealed that this malware is an information stealing trojan and is being used to target Georgian nationals in particular. We were also able to gain access to the control panel of the threat, revealing the extent and the intent of this operation. We present our findings in this document. It should be also noted that the Data Exchange Agency of the Ministry of Justice of Georgia and its national CERT were fully aware of the situation as early as 2011 and, parallel to its own – still ongoing – monitoring, have cooperated with ESET on this matter.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR951,
   editor = {ESET},
   author = {},
   title = {From Georgia, with love Win32/Georbot},
   date = {22},
   month = Jun,
   year = {2012},
   howpublished = {\url{http://blog.eset.com/wp-content/media_files/ESET_win32georbot_analysis_final.pdf blog.est.com (pdf)}},
 }