Malware: Troyak-AS and Peer activity
Sun, 14 Mar 2010

Last week Troyak-AS was taken offline. The number of Zeus C&C servers has been decreasing steeply because of the coordinated operation. Here you can find a list of the AS50215 Troyak-AS peers that make up the neighborhood of one of the most active cybercrime networks. I want to share with you some graphs of these peers that show the malicious activity of some of the AS's involved in this network during Q1 of 2010. The data has been extracted from one of the Alienvault sandnets.

posted at: 21:29 | path: /Malware | 3 comments | tags: malware, visualization, Zeus, Botnet

* Posted by Andreas Rauer at Mon Apr 5 22:28:46 2010
Hi, is there a legend for the different symbols out there? The diagrams look quite interesting, but without an explanation for the symbols and circles it is quite non-decipherable.
Maybe you can add some meaning for me? :-) Kind regards & thanks in advance, Andreas
* Posted by Jaime Blasco at Sat Apr 10 17:19:11 2010
Hi,
The red squares are the AS's, the green circles are IP addresses, the pink circles are MD5's of malicious binaries and the brown triangles are antivirus names for the binaries.









