This trojan, whose campaign of infection began to take shape through a wide repertoire of romantic images and, ultimately false news about explosions, which are used as strategies of social engineering is still a high rate of infection globally. In this regard, many expect that at any time, in the style Nuwar, edit again the strategy of visual deception.
Sudosecure has been doing an excellent job tracing the steps of Waledac since its offering updated reports with detailed data on the current state of the trojan. This monitoring can release information such as the top 10 most downloaded binaries and 10 more IP addresses used to download them.
The 10 countries spread over Waledac and 10 domains used.
Even the number of IP addresses to spread the trojan in the last 30 days.
Clearly understand the degree of spreading globally. And every time I see stuff like that, I wonder what is the rate of spread, in this case, Waledac locally (Argentina). This information can also be seen from the statistics that are in sudosecure.To clarify a little mystery, I have made a simple chart showing the relationship of domains, IP addresses and location from which the dissemination occurs Waledac.
That is, each of the IP address represents an infected computer. The graph is made based on the first 50 domains Waledac spreading from Argentina.In some cases notice that the same IP address is used by multiple domains, because this is used Waledac complex propagation mechanisms such as Fast-Flux networks.
Perhaps many of us forget that transforms teams Waledac unwary users into zombies to feed even more important to the botnet from which, among other things, distribute spam in a distributed manner.
Related Information
Waledac more loving than ever - Spanish version
Waledac, Social Engineering and San Valentine Day - Spanish version
# Jorge Mieres
No comments:
Post a Comment