Author Topic: Ramnit Evolution – From Worm to Financial Malware  (Read 5294 times)

0 Members and 1 Guest are viewing this topic.

August 23, 2011, 07:15:32 pm
Read 5294 times


  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335

though Ramnit employs old generation malicious techniques, we kept it on our malware radar, and a few weeks ago we started seeing something interesting. Apparently, Ramnit morphed into a financial malware, or at least was used as a platform to commit financial fraud (we’re still investigating its modular architecture). Once installed Ramnit will continuously communicate with the Command and Control (C&C) server, reporting on its status and receiving configuration updates; inbound and outbound communication is over SSL (https).
Ruining the bad guy's day