At the end of October, a bot that we have not tracked before appeared in our system. Our initial analysis of its features got our attention as it revealed some behaviour that are considered dangerous to infected users. After tracking its history using our monitoring system, we found out that it has been distributed by a well-known botnet, Andromeda 2.09, since September, 2014. As a new addition to the botnet families that we are continually tracking, we are now going to discuss our initial analysis of this botnet, which is named Recslurp. In this... [Read More]
by RSS He Xu  |  Nov 17, 2014  |  Filed in: Security Research