An analysis of Sykipot, a bot used in targeted attacks (spear phishing).
Detailed Analysis Of Sykipot (Smartcard Proxy Variant)
In January 2012, AlienVault reported a Sykipot variant with smartcard access capability that has drawn high attention in the security industry. The internals of this malware sample, such as the flow of the malware, backdoor capabilities, tricks and techniques, and encryption algorithm, are described in this paper. Additionally, its backdoor capabilities are compared with the analysis work of another Sykipot variant published by Symantec. This comparison displays the vast improvements that Sykipot has made. (...)
Distributed denial-of-service (DDoS) attacks, the coordinated attacks by armies of (usually hacked and remote-controlled) PCs against websites and other online services, are like part of the Internet’s weather. And in the past, DDoS attacks were like hurricanes—they peaked and ebbed with a fairly specific seasonal pattern. The more publicly visible attacks of groups like Anonymous tend to chase headlines, and are less predictable. But the less visible ones—motivated by money rather than politics—tend to peak during the holiday shopping season, when the potential losses from having a website go down are the greatest, and companies are most likely to cave to extortion demands.
But that hasn’t been the case so far this year, according to a report by website security firm Prolexic. The number of denial-of-service attacks in the first quarter of 2012 grew 25 percent compared with the same period of 2011, and was nearly equal to the number in the last three months of last year. Not only has the number of DDoS attacks not dropped from its seasonal high, but the volume of junk traffic being created by them has spiked dramatically—the company reports that it has fended off more malicious traffic in the first three months of 2012 than it did in all of 2011—9.5 petabytes of raw data, and 408 trillion network packets.