Executive Summary In May of last year, ASERT Researchers reported on LoJax, a double-agent leveraging legitimate software to phone home to malicious command and control (C2) servers. Since the publication of our research, we’ve monitored a number of new malware samples. We also conducted additional […]
Read moreExecutive Summary MedusaHTTP is a HTTP-based DDoS botnet written in .NET, that surfaced in early 2017. MedusaHTTP is based off of MedusaIRC which leveraged IRC for its command and control communications instead of HTTP. MedusaIRC botnet has been advertised on various underground hacker marketplaces since […]
Read moreArbor’s ASERT team has a paper at this year’s Virus Bulletin conference in Barcelona, Spain. The paper, by Arbor’s Jeff Edwards and Jose Nazario, is titled A survey of Chinese DDoS malware and is based on some of the detailed analysis we did as part […]
Read moreBackground In late July 2011, a specific piece of malware came to our attention. Analysis revealed that this particular piece of malware was launching DDoS attacks and we have direct evidence of DDoS attack on two Russian websites. One of these was a gaming website, […]
Read more
