Waledac gets cozy with Virut

From Botnets.fr
Jump to navigation Jump to search

(Publication) Google search: [1]

Waledac gets cozy with Virut
Botnet Virut, Waledac
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2013 / 2013-01-14
Editor/Conference Symantec
Link http://www.symantec.com/connect/blogs/waledac-gets-cozy-virut (Archive copy)
Author Denis Carmody
Type Blogpost

Abstract

During our further analysis of recent Virut samples, we observed the virus downloading a botnet variant named Waledac (also know Kelihos), which Symantec detects as W32.Waledac.D. The Waledac family is a threat that has been monitored by Symantec for many years and was featured in numerous blogs as well as a white paper. In the past, the Waledac botnet has also been subject to takedown efforts from the security community to curtail its operations. On each occasion the miscreants behind the botnet were able to recover from these disruptions and continue their operations, distributing spam and performing other malicious functions.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1281,
   editor = {Symantec},
   author = {Denis Carmody},
   title = {Waledac gets cozy with Virut},
   date = {14},
   month = Jan,
   year = {2013},
   howpublished = {\url{http://www.symantec.com/connect/blogs/waledac-gets-cozy-virut}},
 }