Report an incident
Read in Polish Read in polish
  • About us
  • News
  • FAQ
  • Analyses
  • Publications
  • Contact
Tag #dga
  • 01 October 2015 piotrb #botnet #detection #detection system #detekcja #dga #DNS #NXDomain #system detekcji

    How non-existent domain names can unveil DGA botnets

    Article thumbnail

    Domain Generation Algorithms are used in botnets to make it harder to block connections to Command & Control servers and to make it difficult to takeover botnet infrastructure. The main objective of these algorithms is to generate a big number of different domain names which usually look random, like Read more

  • 06 May 2015 CERT Polska #analysis #botnet #dga #DNS

    DGA botnet domains: malicious usage of pseudo random domains

    Article thumbnail

    In the previous entry we showed examples of domains, which could be easily missclassified as DGA botnet domains. Most of them are machine generated and used in a non-malicious manner. In this entry, conversely, we will present examples of pseudo random domains, which could be used in attacks or be …

    Read more
  • 17 April 2015 CERT Polska #botnet #dga #DNS

    DGA botnet domains: on false alarms in detection

    Article thumbnail

    Domain Generation Algorithms are often used in botnets to create specially crafted domain names which point to C&C servers. The main purpose of this is to make it more difficult to block connections to these servers (for example with domain blacklists) or to protect the C&C channel (and …

    Read more
  • 21 February 2013 CERT Polska #botnet #dga #DNS #malware #raport #sinkhole #trojan

    Virut botnet report

    Article thumbnail

    At the end of January and the beginning of February 2013 NASK (Research and Academic Computer Network) — the .pl ccTLD Registry — and its security team CERT Polska took over 43 .pl domains used to control the Virut botnet and to spread malicious applications. As a result of this action, all …

    Read more
  • 04 January 2012 CERT Polska #dga #malware #trojan

    ZeuS – P2P+DGA variant – mapping out and understanding the threat

    Article thumbnail

    n the autumn of 2011 we observed new malware infections, which looked similar to Zeus. Subsequent analysis of the malicious software mechanism start up, the process of hiding and storing of configuration indeed verified that it was ZeuS. However, monitoring of infected machines failed to uncover the characteristic communicatation with …

    Read more

The CERT Polska team operates within the structures of NASK (Research and Academic Computer Network) — a research institute which conducts scientific studies, operates the national .pl domain registry and provides advanced IT services.

Social media

Facebook Twitter GitHub

Contact

ul. Kolska 12, PL-01-045 Warsaw, Poland
tel.: +48 22 380 82 74
fax: +48 22 380 83 99
ePUAP: /NASK-Instytut/SkrytkaESP

E-mail: [email protected]
Incidents: [email protected]

Co-financed by the Connecting Europe Facility of The European Union
  • © 2023 NASK
  • Privacy policy
  • CSIRT GOV
  • CSIRT MON