Results for c&c

Threat Research

New Remcos RAT Variant is Spreading by Exploiting CVE-2017-11882

Several days ago, FortiGuard Labs captured a malware sample that was exploiting the Microsoft Office vulnerability CVE-2017-11882 patched by Microsoft last November. The sample is an RTF document with an Equation object. By analyzing its behavior in my test environment, I realized that it spreads a new variant of Remcos RAT, version “2.0.4 Pro,” that was released on April 7, 2018 from its official website. It is able to control the victim’s PC after infection.

By Xiaopeng Zhang May 04, 2018

Threat Research

Deep Analysis of New Poison Ivy/PlugX Variant - Part II

This is the second part of the FortiGuard Labs analysis of the new Poison Ivy variant, or PlugX, which was an integrated part of Poison Ivy’s code. In the first part of this analysis, we introduced how this malware was installed onto victims’ systems, the techniques it used to perform anti-analysis, how it obtained the C&C server’s IP and port from the PasteBin website, and how it communicated with its C&C server.

By Xiaopeng Zhang September 15, 2017

Business and Technology

FortiDDoS Launches Support for FortiGuard Domain Reputation Service for IoT and Botnet Based DDoS Attack Mitigation

The FortiGuard Domain Reputation Service License for FortiDDoS is yet further ammunition to use against the growing threat of IoT and botnet attacks, which are easier than ever to launch due to the proliferation of open source code for such attacks and the growing availability of vulnerable devices.

By Hemant Jain September 06, 2017