DGA – WindowsTechs.com

Doki Backdoor Infiltrates Docker Servers in the Cloud

Posted on July 30, 2020 by Tara Seals

The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet. Continue reading Doki Backdoor Infiltrates Docker Servers in the Cloud→

Simple DGA Spotted in a Malicious PowerShell

Posted on July 14, 2020 by Xavier

DGA (“Domain Generation Algorithm“) is a technique implemented in some malware families to defeat defenders and to make the generation of IOC’s (and their usage – example to implement black lists) more difficult. When a piece of malware has to contact a C2 server, it uses domain names or IP

[The post Simple DGA Spotted in a Malicious PowerShell has been first published on /dev/random]

Continue reading Simple DGA Spotted in a Malicious PowerShell→

CapLoader 1.8 Released

Posted on May 28, 2019 by Erik Hjelmvik

We are happy to announce the release of CapLoader 1.8 today! CapLoader is primarily used to filter, slice and dice large PCAP datasets into smaller ones. This new version contains several new features that improves this filtering functionality even fur… Continue reading CapLoader 1.8 Released→

Necurs Botnet Evolves to Hide in the Shadows, with New Payloads

Posted on March 1, 2019 by Tara Seals

Using an on-again, off-again strategy of C2 communication helps it hide from researchers. Continue reading Necurs Botnet Evolves to Hide in the Shadows, with New Payloads→

Ad Network Circumvents Ad-Blocking Tools To Run In-Browser Cryptojacker Scripts

Posted on March 1, 2018 by Lindsey O'Donnell

Researchers say cyrptojackers are bypassing ad-blocking software in an attempt to run in-browser cyrptocurrency miner Coinhive. Continue reading Ad Network Circumvents Ad-Blocking Tools To Run In-Browser Cryptojacker Scripts→

Malware Network Communication Provides Better Early Warning Signal

Posted on May 24, 2017 by Michael Mimoso

An academic paper to be presented today at IEEE posits that analysis of network signals provides a better early warning of malware than infections than current practices. Continue reading Malware Network Communication Provides Better Early Warning Signal→

Spotlight on Malware DGA Communication Technique

Posted on May 24, 2017 by Avi Aminov

Written by Avi Aminov and Or Katz Overview Imagine you are standing in the middle of a crowded train station and want to have a private conversation with an old friend. You’ve been waiting for the perfect time to contact… Continue reading Spotlight on Malware DGA Communication Technique→

A week in security (Dec 04 – Dec 10)

Posted on December 12, 2016 by Malwarebytes Labs

A compilation of notable security news and blog posts from the 4th of December to the 10th. This week, we talked about DGA, a rootkit, another malvertising campaign, and a fake news about “smart drugs”.Categories: Security world
Week in securityTags: … Continue reading A week in security (Dec 04 – Dec 10)→

Explained: Domain Generating Algorithm

Posted on December 6, 2016 by Pieter Arntz

Domain Generating Algorithms are in use by cyber criminals to prevent their servers from being blacklisted or taken down. The algorithm produces random looking domain names. The idea is that two machines using the same algorithm will contact the same d… Continue reading Explained: Domain Generating Algorithm→

Vawtrak Banking Trojan Adds DGA, SSL Pinning

Posted on August 16, 2016 by Chris Brook

Attackers behind the banking Trojan Vawtrak fortified it with a domain generation algorithm (DGA) and SSL pinning capabilities.
Continue reading Vawtrak Banking Trojan Adds DGA, SSL Pinning→