Recycled Botnets
Earlier in the year, Palo Alto Networks researchers used WildFire to track down a new variant of the Waledac/Kelihos botnet making the rounds through Europe. You can read the original post here. Since our initial analysis, this new botnet has continued to expand and evolve, and the team has continued to dig into the malware. In fact, our most recent Threat Review covered this botnet in detail, which you can view here.
First and foremost, we have detected many variations of the botnet's infecting file. To date, we have captured hundreds of files, all with unique hash values but with behavior identical to the original …Continue reading
Waledac Returns…and It’s Serving More Than Spam
WildFire has recently detected a new variant of the Waledac botnet, along with a few new modifications. As a reminder, Waledac was a fairly large spamming botnet that was taken down in 2010 when Microsoft was able to take ownership of the many domains used by the botnet.
On February 2nd, WildFire began seeing a new variant of Waledac showing up in customer networks, and this time it's doing more than just sending spam. The new version has upgraded its malicious abilities to include stealing passwords and authentication data. This includes the ability to sniff user credentials for FTP, POP3 and SMTP, and to steal .dat files for FTP and BitCoin. All of this information is uploaded to the botnet, and of course would be very valuable for enabling further attacks.
WildFire was able to detect this new malware …Continue reading
Findings from WildFire
It has been a busy and exciting week at Palo Alto Networks, where we have announced a brand new platform (the PA-200, a branch office appliance for the distributed enterprise), a new software update (PAN-OS 4.1, with more than 50 new features), and WildFire™, a completely new capability of the next-generation firewall that allows security teams to detect and remediate unknown and targeted malware. Click to see Nir talking about the release on Bloomberg TV. I want to share a little bit more …Continue reading