While wandering through the dark alleys of the Internet we encountered an unusual malware artifact, something we had never observed before, and it kept us entertained while we meticulously dissected it late into the night. The more time we spent looking at it, the more it started to look unusually familiar. As a matter of fact, it turned out to be the exact same botnet that an audacious Reddit user of possible German origin named “throwaway236236” described in a very popular I Am A thread you can read here.

Following is an overview of this malware, labelled by its creator as Skynet: a Tor-powered trojan with DDoS, Bitcoin mining and banking capabilities, which we observed spreading through the veins of Usenet.

Usenet is a distributed discussion platform established around 1980 and still very popular worldwide.

Despite its original intent of simply being a plain text discussion forum (much like bulletin boards), over the years it has become a widely adopted platform for distributing pirated content such as movies and games, which are generally uploaded as RAR archives and then split into chunks to circumvent the size limitations of Usenet's protocol.

Consequently and inevitably, malware writers found a perfect vehicle in Usenet for spreading viruses, just as happened with other file sharing networks such as eDonkey, Gnutella and BitTorrent.

Today, Usenet has become a malware minefield. The security industry seems to have its unblinking eye focused on the evolution of more fashionable, and possibly more widespread, infection vectors such as exploit kits and other traditional products of the Russian black market. In the meantime, part of the underground keeps distributing its malware almost unnoticed through alternative channels, such as file sharing.

“People download software from Usenet and install it in the offices or at friends pretty often. Also Usenet isn't that hard anymore, as easy as buying a premium account for a one click hoster. Most Providers have their own Usenet client for idiot proof downloads”