We found a backdoor that uses network sniffing to provide a reverse shell. Additionally, it fully encrypts and integrity checks it network traffic with session keys. It was first presented at GoSec 2017 in Montreal and was found using a new honeypot SSH tool.
This backdoor was first used in 2012 as part of the 'sebd' rootkit but seems to have been reactivated within the scope of a rising botnet.
January 30, 2017
Today, GoSecure wish to contribute to the Open Source community by releasing under the GPLv3 license a useful tool used during Cisco to Checkpoint firewall migrations.
December 23, 2016
Christmas time is around the corner again and there's just no better time to play pranks on your coworkers, or is that April fools? Read on to see how we decided to have some fun with embedded devices around the office...
December 08, 2016
For those who missed it, here is the video of our BlackHat Europe 2016 presentation titled EGO-MARKET: When People's Greed for Fame Benefits Large-Scale Botnets...