'Sinkholed' web sites
Crowdstrike p2p botnet kelihos.b with 100.000 nodes sinkholed
blog.crowdstrike.com 2012-04-08
sinkholed Wednesday, March 28, 2012 P2P Botnet Kelihos.B with 100.000 Nodes sinkholed This past Wednesday, CrowdStrike has teamed up with security experts from Dell SecureWorks, the Honeynet Project and Kaspersky to take out a peer.to.peer botnet which we believe is the newest offspring of a family that has been around since 2007 Kelihos.B, a successor of Kelihos, Waledac and the Storm Worm. Traditionally, the botnets in this
blog.crowdstrike.com 2012-04-08
sinkholed Wednesday, March 28, 2012 P2P Botnet Kelihos.B with 100.000 Nodes sinkholed This past Wednesday, CrowdStrike has teamed up with security experts from Dell SecureWorks, the Honeynet Project and Kaspersky to take out a peer.to.peer botnet which we believe is the newest offspring of a family that has been around since 2007 Kelihos.B, a successor of Kelihos, Waledac and the Storm Worm. Traditionally, the botnets in this
MORE
ⓘ
Crowdstrike
sinkholed bots. CrowdStrike researchers continue to monitor the comand.and.control infrastructure, which is partially live again after having been down for some days, and confirmed that the servers do not speak the Kelihos.B protocol anymore. We are aware of a new version of the bot, Kelihos.C, that has been released shortly after we started the sinkholing operation, and which is spreading via social networks. This new version
Eric romang blog various
eromang.zataz.com 2014-11-14 ⚑blog ⚑tech ⚑health
sinkholed to Shadowserver. The backdoor was composed of clear text reverse shell perl scripts, executed a regular interval, and by a forked version of OpenSSH named 8220;cupsd 8220;. A RSA key was embedded in the forked OpenSSH, reported domain name of C C was 8220;corp.aapl.com 8221; and reported file names were com.apple.cocoa.plist cupsd Mach.O binary com.apple.cupsd.plist com.apple.cups.plist com.apple.env.plist F.Secure also
eromang.zataz.com 2014-11-14 ⚑blog ⚑tech ⚑health
sinkholed to Shadowserver. The backdoor was composed of clear text reverse shell perl scripts, executed a regular interval, and by a forked version of OpenSSH named 8220;cupsd 8220;. A RSA key was embedded in the forked OpenSSH, reported domain name of C C was 8220;corp.aapl.com 8221; and reported file names were com.apple.cocoa.plist cupsd Mach.O binary com.apple.cupsd.plist com.apple.cups.plist com.apple.env.plist F.Secure also
MORE
ⓘ
Crowdstrike
sinkholed bots. CrowdStrike researchers continue to monitor the comand.and.control infrastructure, which is partially live again after having been down for some days, and confirmed that the servers do not speak the Kelihos.B protocol anymore. We are aware of a new version of the bot, Kelihos.C, that has been released shortly after we started the sinkholing operation, and which is spreading via social networks. This new version
Eric romang blog various
eromang.zataz.com 2014-11-14 ⚑blog ⚑tech ⚑health
sinkholed to Shadowserver. The backdoor was composed of clear text reverse shell perl scripts, executed a regular interval, and by a forked version of OpenSSH named 8220;cupsd 8220;. A RSA key was embedded in the forked OpenSSH, reported domain name of C C was 8220;corp.aapl.com 8221; and reported file names were com.apple.cocoa.plist cupsd Mach.O binary com.apple.cupsd.plist com.apple.cups.plist com.apple.env.plist F.Secure also
eromang.zataz.com 2014-11-14 ⚑blog ⚑tech ⚑health
sinkholed to Shadowserver. The backdoor was composed of clear text reverse shell perl scripts, executed a regular interval, and by a forked version of OpenSSH named 8220;cupsd 8220;. A RSA key was embedded in the forked OpenSSH, reported domain name of C C was 8220;corp.aapl.com 8221; and reported file names were com.apple.cocoa.plist cupsd Mach.O binary com.apple.cupsd.plist com.apple.cups.plist com.apple.env.plist F.Secure also
crowdstrike.com
No cookies are saved on your client
We are completely no-profit and volunteers
Use robots.txt to block indexing
Contact us via email for other removals
Read DMCA Policy
CopyLeft by GiPOCO 2006-2023
Contact us to contribute
info (at) gipoco.com
All trade marks, contents, etc
belong to their respective owners