Asprox, a.k.a. Zortob, is an old botnet that was uncovered in 2007. It is known to spread by arriving as an attachment in spam emails that purport to be from well-known companies. The attachment itself is disguised as a legitimate document file by using icons such as those of a .doc or .pdf file. Figure 1. Asprox malware posing as a Microsoft Word document. This blog post will give an overview on Asprox's functionality with a focus on the changes in its communication with the command-and-control (C&C) server, including a new C&C command,... [Read More]
by RSS Long Tran  |  Jul 28, 2014  |  Filed in: Security Research