This is the most advanced backdoor that I have seen published in a while.
This is why it is important to have multiple layers of defense and not just rely on host-based detection.
This is also one of my personal interests with malware: command and control
- In Tor.
- IRC (which you don't really see anymore).
- HTTP. I can't find an example, but I know I have seen this before, piggybacking out during legitimate web surfing.
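As an added illustration of the "layers beyond host-based detection" point and of HTTP command and control hidden inside ordinary web browsing (this is example code written for this page, not something from the comment's author): a small network-side check that reads proxy log lines and flags a client/host pair whose requests recur at a suspiciously regular interval. The log format, the client address and every host name are constructed placeholders for the example.

```python
"""Flag periodic HTTP beaconing in web-proxy logs (constructed sample data)."""
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample proxy log: "<ISO timestamp> <client ip> <host> <path>".
# Every line, address and host name here is invented for this example.
# Most traffic is irregular browsing; one host is hit roughly every 60 seconds.
SAMPLE_LOG = """\
2024-01-01T10:00:00 10.0.0.5 news.example.com /index.html
2024-01-01T10:00:03 10.0.0.5 news.example.com /story/1
2024-01-01T10:00:11 10.0.0.5 cdn.example.net /lib.js
2024-01-01T10:00:30 10.0.0.5 update-check.example.org /ping
2024-01-01T10:00:47 10.0.0.5 news.example.com /story/7
2024-01-01T10:01:31 10.0.0.5 update-check.example.org /ping
2024-01-01T10:01:44 10.0.0.5 mail.example.com /inbox
2024-01-01T10:02:29 10.0.0.5 update-check.example.org /ping
2024-01-01T10:02:58 10.0.0.5 news.example.com /story/9
2024-01-01T10:03:30 10.0.0.5 update-check.example.org /ping
2024-01-01T10:04:31 10.0.0.5 update-check.example.org /ping
2024-01-01T10:05:20 10.0.0.5 news.example.com /sports
2024-01-01T10:05:29 10.0.0.5 update-check.example.org /ping
"""


def parse_log(text):
    """Group request timestamps by (client, host); blank lines are skipped."""
    events = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, host, _path = line.split(maxsplit=3)
        events[(client, host)].append(datetime.fromisoformat(ts))
    return events


def beacon_score(timestamps):
    """Return (request_count, mean_interval_s, coefficient_of_variation).

    The coefficient of variation (stdev / mean of the gaps between requests)
    is near 0 for clockwork beacons and large for human browsing. With fewer
    than two gaps there is nothing to measure, so the last two fields are None.
    """
    ts = sorted(timestamps)
    intervals = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    if len(intervals) < 2:
        return len(ts), None, None
    mean = statistics.fmean(intervals)
    # Identical timestamps give mean 0; treat that as "not periodic" rather than divide by zero.
    cv = statistics.pstdev(intervals) / mean if mean > 0 else float("inf")
    return len(ts), mean, cv


def find_beacons(text, min_requests=5, max_cv=0.1):
    """Return client/host pairs with enough requests and low timing jitter."""
    flagged = []
    for (client, host), stamps in parse_log(text).items():
        count, mean, cv = beacon_score(stamps)
        if count >= min_requests and cv is not None and cv <= max_cv:
            flagged.append({
                "client": client,
                "host": host,
                "requests": count,
                "mean_interval_s": round(mean, 1),
                "cv": round(cv, 3),
            })
    return flagged


if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print(f"{hit['client']} -> {hit['host']}: {hit['requests']} requests, "
              f"every ~{hit['mean_interval_s']}s (cv={hit['cv']})")
```

On the sample data only the placeholder `update-check.example.org` pair is reported (six requests about 60 seconds apart, cv around 0.02), while the browsing traffic to the other hosts is too irregular or too sparse to match. The thresholds are deliberately conservative starting points: a channel that adds random sleep jitter or checks in only a few times a day will not clear `max_cv` or `min_requests`, which is exactly why this kind of network check is one layer among several rather than a replacement for host-based detection, and it says nothing about the Tor or IRC channels mentioned above, which never appear in a web-proxy log.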