Comments on Dynamoo's Blog: Malware sites to block 2/1/13 part II

unixfreaxjp (https://www.blogger.com/profile/03820036912869056071), 2013-01-03T10:09:04.588+00:00

Hello Conrad,
You might be interested in this:

https://twitter.com/MalwareMustDie/status/286587621080182784

Had no time to blog, but might be useful for you.

Verdicts:

1. InfoStealer
2. Steals Certification & uses it to encrypt/decrypt POST data
3. Connects to some SMTP servers for sending spam.

Wrote analysis of payload

unixfreaxjp (https://www.blogger.com/profile/03820036912869056071), 2013-01-02T17:22:31.863+00:00

A very good research and well explained to the point.
The only way to nail infection is the usage of DNS used by this bad actor, which we found ending up to a significant service only. In order to control these IP infectors, bad guys need to fully control NS of new domains set, and that cannot be made instantly (setting new or change DNS), we need to aim registration ID, contact ICANN to