Poison Ivy: assessing damage and extracting intelligence
Poison Ivy: assessing damage and extracting intelligence | |
---|---|
Botnet | Poison Ivy |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2014 / 2014-08-30 |
Editor/Conference | FireEye |
Link | https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf (Archive copy) |
Author | FireEye |
Type | Tech report |
Abstract
“Poison Ivy is a remote access tool that is freely available for download from its official web site at www.poisonivy-rat.com. First released in 2005, the tool has gone unchanged since 2008 with version 2.3.2. Poison Ivy includes features common to most Windows-based RATs, including key logging, screen capturing, video capturing, file transfers, system administration, password theft, and traffic relaying.”
Bibtex
@misc{2014BFR4646,
  editor = {FireEye},
  author = {FireEye},
  title = {Poison Ivy: assessing damage and extracting intelligence},
  date = {30},
  month = Aug,
  year = {2014},
  howpublished = {\url{https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf}},
}