Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RATs in our Honeypot

From: "Mark Ryan del Moral Talabis" <talabis () gmail com>
Date: Mon, 10 Apr 2006 08:47:59 +0800
RATs in our Honeypot

We caught a hacker in our honeynet trying to download his "tools" into
one of our honeypots. We decided to look into it and study the tools
he is using. We started by tracing where his "toolkit" was located.

The "toolkit" consisted of different flavors of malware:

- Remote Administration Tools (RAT) and Backdoors(IRC)
- Password Stealers
- File Infectors
- Network tools (scanners)
- various Spywares

Full analysis and malware samples:
http://www.philippinehoneynet.org/data.php
Previous By Date Next
Previous By Thread Next

Current thread: