GSR-IconBannerAd_v1d

Security Advisories

Trustwave Press Releases

« DbProtect Update - What's New in Version 6.4.4 | Main | SpiderLabs Radio: July 31, 2014 »

31 July 2014

Comments

Is there anymore information on the nsskrnl file being encrypted. The supplied password, 'Password', is not working.

Do you know where the C&C are hosted? and what are the known C&C IPs?

Good question. Law enforcement has requested that we not publish that information because the investigation is ongoing.

So if the Command and Control is via "POST requests to one or more statically defined URLs are made on a regular basis" could you not post what these are, so we can block and detect them in our firewall?

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment