Posted by: David Harley | March 29, 2012

AlienVault: more nicely-done analysis…

…this time linking the encryption routines used in C&C communication by the malware they first reported last week to a Linux backdoor that they believe to have been around since 1999 or earlier.  

VirusTotal analysis/info here.

This is a different issue to the serving of the OSX Lamadai dropper to Linux clients, as reported by ESET. That dropper can’t actually infect a Linux system.

 Mac and I weren’t particularly aware of AlienVault Labs until recently. It’s good to see them doing such cool analysis and trading information with the mainstream AV industry. 🙂

