Posted by: David Harley | March 29, 2012

AlienVaults: more nicely-done analysis…

…this time linking the encryption routines used in C&C communication by the malware they first reported last week to a Linux backdoor that they believe to have been around since 1999 or earlier.  

VirusTotal analysis/info here.

This is a different issue to the serving of the OSX Lamadai dropper to Linux clients, as reported by ESET. That dropper can’t actually infect a Linux system.

 Mac and I weren’t particularly aware of AlienVault Labs until recently. It’s good to see them doing such cool analysis and trading information with the mainstream AV industry. 🙂

David Harley CITP FBCS CISSP

Advertisements

Posted in David Harley, ESET | Tags: , , ,

«
»

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Categories

%d bloggers like this: