Travnet botnet steals huge amount of sensitive data

From Botnets.fr

Botnet: Travnet
Date: 2013 / 2013-04-23
Editor/Conference: McAfee
Link: http://blogs.mcafee.com/mcafee-labs/travnet-botnet-steals-huge-amount-of-sensitive-data (Archive copy)
Author: Umesh Wanve
Type: Blogpost

Abstract

In a McAfee Labs blog by my colleague Vikas Taneja last month, he discussed high-level functioning in the malware Travnet. Since then we have continued to analyze different samples and now classify Travnet as a botnet rather than a Trojan because of the presence of control code, and the malware’s ability to wait for further commands from the malicious control server.

The Travnet bot not only steals sensitive information from a victim’s machine; it also steals document files. Generally speaking, we store most of our sensitive information in Office files, PDFs, etc. Using data compression and data-encoding methods allows Travnet to steal a huge amount of data, including large files.

Bibtex

 @misc{2013BFR1321,
   editor = {McAfee},
   author = {Umesh Wanve},
   title = {Travnet botnet steals huge amount of sensitive data},
   date = {23},
   month = Apr,
   year = {2013},
   howpublished = {\url{http://blogs.mcafee.com/mcafee-labs/travnet-botnet-steals-huge-amount-of-sensitive-data}},
 }