Security News > 2015 > May > APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

APT group's malware retrieved C&C IP addresses from Microsoft's TechNet portal (Help Net Security)

2015-05-14 13:49

A China-based APT group has been using Microsoft’s TechNet web portal to host encoded Command and Control IP addresses for its BLACKCOFFEE malware, FireEye researchers have revealed. "While other g...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/sM38Zoghmew/malware_news.php

#APT #aptgroup #malware #microsoft #security

Related news

Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)
Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
Microsoft admits GitHub hosted malware that infected almost a million devices (source)
URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
Microsoft: New RAT malware used for crypto theft, reconnaissance (source)
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families (source)
Microsoft Trust Signing service abused to code-sign malware (source)
Microsoft Trusted Signing service abused to code-sign malware (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.