Security Incidents mailing list archives

W32.Badtrans.B@mm

From: Liudvikas Bukys <bukys () rochester edu>
Date: Mon, 26 Nov 2001 16:30:54 -0500 (EST)

I am dismayed to find that ALL of the anti-virus vendors have decided to
limit their "tech details" so much that I can't find a published account
of how the keyboard-logging trojan contacts the outside world.  It would
be helpful to know what hosts or names it connects out to, without having to
wait for a "live one" to appear to before I find out.

Does anybody here know?

Liudvikas Bukys
bukys () rochester edu

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

W32.Badtrans.B@mm Liudvikas Bukys (Nov 26)
- Re: W32.Badtrans.B@mm Marc Fossi (Nov 26)
- Message not available
  - Re: W32.Badtrans.B@mm Brett Glass (Nov 26)
- Re: W32.Badtrans.B@mm John Sage (Nov 26)