Dragon News

An inside look at the world of Team Cymru. Cybersecurity tools, tips, news and views.


#goznym1

GOZNYM MALWARE

ARTICLE OVERVIEW

Antivirus software detects GozNym hybrid as Nymaim variant.

GozNym samples resolve domains, do not connect to IPs returned. Separate IP used for HTTP comms.

C2 channel for GozNym appears to be HTTP POST requests, in line with Nymaim-based origins.

Recent active related C2s at 194.149.138.49, 54.186.122.88, 82.13.46.90, 168.235.72.204...