Botnet Hiding Commands as JPEG Images

Security researchers have stumbled on a new botnet that uses an interesting technique to mask its nefarious intentions.
The Monkif/DIKhora botnet, which is pushing out Trojan downloaders to infected machines, is encoding the instructions to appear as if the command-and-control server is returning a JPEG image file, according to SecureWorks researcher Jason Milletary.  Read the full story [secureworks.com]

Security researchers have stumbled on a new botnet that uses an interesting technique to mask its nefarious intentions.

The Monkif/DIKhora botnet, which is pushing out Trojan downloaders to infected machines, is encoding the instructions to appear as if the command-and-control server is returning a JPEG image file, according to SecureWorks researcher Jason Milletary.  Read the full story [secureworks.com]

Suggested articles

Inside the RIG Exploit Kit

In a deep analysis of RIG, Cisco Talos team outlined the way the exploit kit combines different web technologies such as DoSWF, JavaScript, Flash and VBscript to obfuscate attacks.

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.