Browsing Author: Atif Mushtag, FireEye

Man in the Browser: Inside the Zeus Trojan

By Atif Mushaq, FireEye
Man in the Browser a.k.a MITB is a new
breed of attacks whose primary objective is to spy on browser sessions
(mostly banking) and in that process intercept and modify the web page
contents transparently in the background. In a classic MITB attack, it’s very likely that what the user is seeing on his/her browser
window is not something which the actual server sent. Similarly, what
the server sees on the other end might not be what user was intending to
send.

Read more...

Infiltrating the Pushdo Botnet

Categories: Malware

[img_assist|nid=2854|title=|desc=|link=none|align=right|width=100|height=100]By Atif Mushtaq, FireEyeIt’s very rare that we researchers get
a chance to explore the inner workings of a botnet command and control
server.  Detailed insight into the botnet server or command component
can give us valuable information about the motives of the botnet and
possibly the bad guys behind it. But granting access to these command
and control servers often depends on the will of the hosting providers.
So what happened in this case?

Read more...