List of “August 2017”

  • Detecting Datper Malware from Proxy Logs Malware
    Detecting Datper Malware from Proxy Logs
    This is Yu Nakamura from Analysis Center. This entry is to explain features of Datper, malware used for targeted attacks against Japanese organisations and how to detect it from the logs. JPCERT/CC has been observing attacks using Datper since around June 2016. Research reports on the adversary are published from LAC [1], SecureWorks [2] and Palo Alto Networks [3]. The adversary had also conducted attacks using Daserf malware in the...

    Read more

  • What the Avalanche Botnet Takedown Revealed: Banking Trojan Infection in Japan Malware
    What the Avalanche Botnet Takedown Revealed: Banking Trojan Infection in Japan
    Internet banking services across the globe have been exposed to the threat by unauthorized money transfers and suffering large-scale losses. In this landscape, an operation led by international law enforcement agencies has been in effect since November 2016 to capture criminal groups conducting unauthorised online banking transfers and dismantle the attack infrastructure (the Avalanche botnet). JPCERT/CC is one of the many supporters of this operation. For more information about the...

    Read more