Saturday, May 16, 2015

APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal

From Help Net Security:

APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal

A China-based APT group has been using Microsoft’s TechNet web portal to host encoded Command and Control IP addresses for its BLACKCOFFEE malware, FireEye researchers have revealed.

No comments:

Post a Comment