Malware analysis of the Lurk downloader
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Malware analysis of the Lurk downloader | |
|---|---|
| Botnet | Lurk, KINS |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2014 / 2014-08-07 |
| Editor/Conference | DELL SecureWorks |
| Link | http://www.secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/ (Archive copy) |
| Author | Brett Stone-Gross |
| Type | Blogpost |
Abstract
“ Lurk is a malware downloader that uses digital steganography: the art of hiding secret information within a digital format, such as an image, audio, or video file. Lurk specifically uses an algorithm that can embed encrypted URLs into an image file by inconspicuously manipulating individual pixels. The resulting image contains additional data that is virtually invisible to an observer. Lurk's primary purpose is to download and execute secondary malware payloads. In particular, the Dell SecureWorks Counter Threat Unit™ (CTU) research team has observed Lurk dropping malware used to commit click fraud.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1394,
editor = {DELL SecureWorks},
author = {Brett Stone-Gross},
title = {Malware analysis of the Lurk downloader},
date = {07},
month = Aug,
year = {2014},
howpublished = {\url{http://www.secureworks.com/cyber-threat-intelligence/threats/malware-analysis-of-the-lurk-downloader/}},
}