StealRat

How Threats Disguise Their Network Traffic

  • Posted on: December 5, 2013 at 11:16 am
  • Posted in: Targeted Attacks
  • Author: Sabrina Sioting (Threat Response Engineer)

Threats have evolved to try to circumvent advances in analysis and detection. Every improvement by security vendors is met with a response from cybercriminals. Stuxnet, for example, paved the way for other threat families to use the LNK vulnerability. Conficker/DOWNAD popularized the use of a domain generation algorithm (DGA). This is now used by other malware…

Tags: FAKEM, remote access Trojan, spear phishing, StealRat, Targeted Attack

How to Check if Your Website is Part of the Stealrat Botnet

  • Posted on: August 5, 2013 at 10:07 pm
  • Posted in: Botnets, Malware, Spam
  • Author: Jessa De La Torre (Senior Threat Researcher)

For a few months now, we have been actively monitoring a spambot named Stealrat, which primarily uses compromised websites and systems in its operations. We have continuously monitored its operations and identified about 195,000 thousand domains and IPs that have been compromised. The common denominator among these compromised sites is that they are running vulnerable…

Tags: botnet, compromised sites, drupal, joomla, StealRat, Wordpress

Header Spoofing Hides Malware Communication

  • Posted on: July 28, 2013 at 8:54 pm
  • Posted in: Bad Sites, Malware
  • Author: Roddell Santos (Threats Analyst)

Spoofing – whether in the form of DNS, legitimate email notification, IP, address bar – is a common part of Web threats. We’ve seen several of its incarnations in the past, but we recently found a technique known as header spoofing, which puts a different spin on evading detection. Header spoofing is when a URL appears…

Tags: botnet, header spoofing, StealRat

Compromised Sites Conceal StealRat Botnet Operations

  • Posted on: July 21, 2013 at 11:48 pm
  • Posted in: Botnets, Spam
  • Author: Jessa De La Torre (Senior Threat Researcher)

Advances in spam detection meant that spam operators had to find ways to circumvent new technologies. For instance, Asprox made significant improvements in its spam and module architecture, whereas Pushdo made use of decoy network traffic. Recently, we have discovered a new, simple method used by a spam botnet we named StealRat. It consists of…

Tags: ASPROX, PUSHDO, Spam, spam botnet, StealRat
