Author Topic: Google Groups Trojan  (Read 1496 times)

0 Members and 1 Guest are viewing this topic.

September 12, 2009, 11:47:20 am
Read 1496 times

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
http://www.symantec.com/connect/blogs/google-groups-trojan

Quote
Maintaining a reliable command and control (C&C) structure is a priority for back door Trojan writers. Recent developments have included the utilization of Web 2.0 social networking websites to deliver commands. By integrating C&C messages into valid communications, it becomes increasingly difficult to identify and shut down such sources. It's a concept very similar to that of chaffing and winnowing. Symantec has observed an interesting variation on this concept in the wild. A back door Trojan that we are calling Trojan.Grups has been using the Google Groups newsgroups to distribute commands. Trojan distribution via newsgroups is relatively common, but this is the first instance of newsgroup C&C usage that Symantec has detected.
Ruining the bad guy's day