DNSMessenger backdoor/RAT uses DNS queries to communicate with C&C server

How do you make sure that your malware will be able to communicate with its C&C servers even if the infected machine sits behind a company firewall and traffic to and from the corporate network is regularly inspected? Pack the needed information into DNS traffic. For one thing, DNS traffic is very rarely blocked, as it is needed to allow users to access network resources by name (instead of by IP address). Secondly, DNS traffic monitoring and …

Powerful Android RAT impersonates Netflix app

Mobile malware peddlers often make their malicious wares look like popular Android apps and push them to users through third-party app stores. The latest example of this is the fake Netflix app spotted by Zscaler researchers. The fake app looks genuine at first glance, as it sports the same icon the actual legitimate Netflix app uses. But once it is installed on a smartphone or tablet and the victim clicks on it, it vanishes from …