DGA is one of the classic techniques for botnets to hide their C2s, attacker only needs to selectively register a very small number of C2 domains, while for the defenders, it is difficult to determine in advance which domain names will be generated and registered. 360 netlab has long focused| 360 Netlab Blog - Network Security Research Lab at 360
CoinMiner Attacks Exploiting GeoServer Vulnerability ASEC| ASEC
MicrosoftHost.exe may look like a benign Windows process, but it is in fact a malicious coin miner. See Easy Step-by-Step Removal Guide| Gridinsoft Blogs
Avast discovered and analyzed GuptiMiner, a malware campaign hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers. The post GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining appeared first on Avast Threat Labs.| Avast Threat Labs
DGA是一种经典的botnet对抗检测的技术,其原理是使用某种DGA算法,结合特定的种子和当前日期,定期生成大量的域名,而攻击者只是选择性的注册其中的极少数。对于防御者而言,因为难以事先确定哪些域名会被生成和注册,因而防御难度极大。 360 netlab长期专注于botnet攻防技术的研究,维护了专门的DGA算法和情报库,并通过订阅情报的方式与业界分享研究成果。近期我们在...| 360 Netlab Blog - Network Security Research Lab at 360