14 février 2018
We found a backdoor that uses network sniffing to provide a reverse shell. Additionally, it fully encrypts and integrity checks it network traffic with session keys. It was first presented at GoSec 2017 in Montreal and was found using a new honeypot SSH tool.
This backdoor was first used in 2012 as part of the 'sebd' rootkit but seems to have been reactivated within the scope of a rising botnet.
31 janvier 2018
Last Saturday, January 27th, the New York Times published a detailed article on the sales of automated likes and follows by an American company called Demuvi. The news article relates to the research we’ve conducted on the botnet Linux/Moose and the ego market it is thriving in. This blog post contextualizes the New York Times’ article with our own experience.
24 janvier 2018