Exploring botnets in VR
By Asaf Nadler & Lior Lahav Botnets often use domain generation algorithms (DGAs) to select a domain name, which bots use to establish communication channels with their command and control servers (C2). Since Akamai analyzes over 2.2 trillion DNS requests ... Read More
Ramnit in the UK
By Asaf Nadler and Lior Lahav Ramnit is a family of trojans that allows attackers to remotely control infected machines, in order steal personal and banking information [1], and open backdoors to download additional malware [2]. Initial versions of Ramnit ... Read More
Effectively Detecting Low Throughput and Malicious DNS Exfiltration
In a previous blog post, we described how the DNS protocol, mainly designed for hostname to IP addresses resolution, can be abused for arbitrary data exchange. Based on throughput (i.e., bytes per hour), we distinguish between two classes of data ... Read More
