I love these posts that troll for visits to someone's site. -- Alex Buie Network Coordinator / Server Engineer KWD Services, Inc Media and Hosting Solutions +1(703)445-3391 +1(480)253-9640 +1(703)919-8090 [email protected] ज़रा
On Wed, Jun 13, 2012 at 4:28 PM, Adam Behnke <[email protected]> wrote: > NGR Bot (also known as Dorkbot) was examined to be a user-mode rootkit that > could be remotely controlled via Internet-Relay-Chat (IRC) protocol. It was > designed with the intention to steal digital identity, perform denial of > service, and manipulate the domain name resolution. > > It spreads via Recycler bin social engineering as well as by hooking into > via social networking sites. > > This article aims to provide some technical insights of this NGR Bot V1.0.3 > sample (MD5 “1CA4E2F3C8C327F8D823EB0E94896538″) on the following topics: > > (1) Encryption & tampering detection mechanism > (2) Functionalities > (3) Hooking technique > (4) Architecture Set-up for communicating with this malware > > To view the entire article, go here: > http://resources.infosecinstitute.com/ngr-rootkit/ > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
