Full Disclosure mailing list archives
Re: All China, All The Time
From: r00t <r00t () ellicit org>
Date: Fri, 15 Jan 2010 12:57:52 -1000
Can you explain how this is sophisticated? It looks to me like most decent malware samples I've RE'd:

The result: triple encrypted shell code which downloads multiple encrypted binaries used to drop an encrypted payload on a target machine which then establishes an encrypted SSL channel to connect to a command and control network.

If they are so sophisticated and organized, then why do they continually get noticed shortly after the attack? A major element that you fail to realize about these so-called sophisticated attacks is stealth and persistence, which this attack lacks.

On 1/15/10 12:33 PM, Densmore, Todd wrote:
> Here is my 2 cents on both Google and iiScan
> http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/01/15/china-google-and-web-security.aspx
>
> ~todd
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/