Monday, March 30, 2009

More on GhostNet

F-Secure provides some excellent insight into the backdoor used in the GhostNet attacks.  Most of these backdoors were built with modified and obfuscated versions of a Remote Administration Tool (RAT) known as Poison Ivy.

More screenshots of the Poison Ivy tool can be found here.

No comments: