New Mahdi updates, new C2 server
Jump to navigation
Jump to search
(Publication) Google search: [1]
| New Mahdi updates, new C2 server | |
|---|---|
| Botnet | Mahdi |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 29 aug2012 |
| Editor/Conference | Seculert |
| Link | http://blog.seculert.com/2012/08/new-mahdi-updates.html (Archive copy) |
| Author | Seculert |
| Type | |
Abstract
“ As part of our joint research with Kaspersky Labs, we identified different variants, with different versions of the malware, communicating with four additional servers all located in Canada. While most of the variants communicated with these four servers, a new variant was recently found that communicated with a fifth C&C server located in Canada as well.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1140,
editor = {Seculert},
author = {Seculert},
title = {New Mahdi updates, new C2 server},
date = {29},
month = Aug,
year = {2012},
howpublished = {\url{http://blog.seculert.com/2012/08/new-mahdi-updates.html}},
}