Posted by: David Harley | March 29, 2012

AlienVault's: more nicely-done analysis…

…this time linking the encryption routines used in C&C communication by the malware they first reported last week to a Linux backdoor that they believe to have been around since 1999 or earlier.

VirusTotal analysis/info here.

This is a different issue to the serving of the OSX Lamadai dropper to Linux clients, as reported by ESET. That dropper can’t actually infect a Linux system.

Mac and I weren’t particularly aware of AlienVault Labs until recently. It’s good to see them doing such cool analysis and trading information with the mainstream AV industry. 🙂

David Harley CITP FBCS CISSP
