IcoScript: using webmail to control malware
Jump to navigation
Jump to search
(Publication) Google search: [1]
| IcoScript: using webmail to control malware | |
|---|---|
| Botnet | IcoScript |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2014 / 2014-08-05 |
| Editor/Conference | Virus Bulletin |
| Link | https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript (Archive copy) |
| Author | Paul Rascagnères |
| Type | White paper |
Abstract
“ Win32.Trojan.IcoScript.A is a classic remote administration tool, but it has a particular way of communicating with its control server. It is very modular and it abuses popular web platforms (such as Yahoo and Gmail) for command and control communication. Paul Rascagneres discusses the unusual techniques used by the trojan.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1397,
editor = {Virus Bulletin},
author = {Paul Rascagnères},
title = {IcoScript: using webmail to control malware},
date = {05},
month = Aug,
year = {2014},
howpublished = {\url{https://www.virusbtn.com/virusbulletin/archive/2014/08/vb201408-IcoScript}},
}