0 Members and 1 Guest are viewing this topic.
though Ramnit employs old generation malicious techniques, we kept it on our malware radar, and a few weeks ago we started seeing something interesting. Apparently, Ramnit morphed into a financial malware, or at least was used as a platform to commit financial fraud (were still investigating its modular architecture). Once installed Ramnit will continuously communicate with the Command and Control (C&C) server, reporting on its status and receiving configuration updates; inbound and outbound communication is over SSL (https).