Table of Contents
Table of Figures
INTRODUCTION
PROPAGATION
WHY IS DYRE DIFFICULT TO DETECT?
FRAUD TECHNIQUES
    UNIQUE FAKE PAGE FRAUD FLOW
    UNIQUE SERVER-SIDE WEB-INJECTS
    GRABBER MODULE
DYRE CONFIGURATION REVEALED
C&C COMMUNICATION AND EVASION TECHNIQUES
CRYPTO EVOLUTION
SUMMARY
    About F5 Labs
APPENDIX A: DYRE COMMANDS AND ERROR HANDLING
APPENDIX B: C&C COMMUNICATION
COMMAND EXPLANATION
ERROR
EFFECT COMMUNICATION