About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Store
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Blogs
>>
GynvaelColdwind
's Blog
Created: Friday, August 7 2009 17:38.30 CDT
Printer Friendly ...
A thought about drivers\etc\hosts file
Author:
GynvaelColdwind
# Views:
1666
I've been wondering recently what the next step for the malware writers will be, regarding banker troyans, and DNS-related stuff, and came into conclusion that it might be replacing the path to the drivers\etc\hosts file in the Dnscache service.
If you're interested, checkout the full post on my blog, and/or the video of the PoC.
Blog post:
http://gynvael.coldwind.pl/?id=215
Video of PoC:
http://www.youtube.com/watch?v=6kKOZJWOmww
Add New Comment
Comment:
Active in Last 5 Minutes
Invisible
There are
20,335
total registered users.
Recently Created Topics
Career: Threat Inte...
Jul/30
Career: Security Res...
Jul/30
Library Debugging Pr...
Jul/29
Pydbg attach Vs load?
Jul/29
IDA and MIPS (emulat...
Jul/27
UK Cyber Security ch...
Jul/26
System Service Descr...
Jul/26
LD_PRELOAD Question
Jul/23
Patching Application...
Jul/22
Contract: Research E...
Jul/19
Recent Forum Posts
Pydbg attach Vs load?
aMIr
LD_PRELOAD Question
monarch
LD_PRELOAD Question
justano...
LD_PRELOAD Question
monarch
Patching Application...
hughhan
Patching Application...
jduck
immunity debugger pl...
Malware...
paimei installation ...
wishi
IDA Pro customization
wishi
how to chnage an ins...
ConsoleFx
Recent Blog Entries
ResearchAviator
Jul/28
Installation procedure for ...
artemblagodarenko
Jul/27
Common function prototype
dennis
Jul/24
Dr. Gadget IDAPython plugin
trufae
Jul/23
radare2 0.5 released
AmrThabet
Jul/21
Pokas x86 Emulator for Gene...
More ...
Recent Blog Comments
omeg
on:
Jul/29
Windows 7 syscall list
renzosilv
on:
Jul/26
Windows 7 syscall list
renzosilv
on:
Jul/26
Windows 7 syscall list
Dreg
on:
Jul/21
HiperDrop 0.0.1
djnemo
on:
Jul/20
HiperDrop 0.0.1
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
Printer Friendly ...
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}