Mitigation Strategies for Coreflood Trojan Botnets

375 KB | 3 files | DOC, PDF

Use US-CERT tactical and strategic recommendations to prevent Coreflood Trojan malware infection.

Software vulnerabilities are not always a necessity for malicious software (malware) infection and propagation. The Coreflood Trojan is an example of this type of vulnerability-independent malware. It is designed to leverage the natural structure of a Windows network for account compromise and data theft.

Criminals typically utilize infected websites to stealthily infect users. Once the system is infected, the malware remains dormant on the system until someone with a privileged account (system administrator) logs in. Once the system administrator logs into the computer, the malware attempts to traverse the network using a legitimate Windows program, psexec. Later versions of the malware stopped using the psexec tool and implemented a custom tool designed to imitate psexec capabilities. Coreflood was originally discovered in 2001 and continues to evolve as an active threat within the malware market.

US-CERT recommends organizations evaluate the following tactical and strategic mitigations to determine which mitigations they can leverage in their specific environments to minimize and prevent Coreflood Trojan infections.

Included in this ZIP file are:

  • Intro Page.doc
  • Terms and Conditions.pdf
  • Coreflood Trojan Botnet.pdf

This Download is provided by:


US-CERT is charged with providing response support and defense against cyber attacks for the Federal Civil Executive Branch (.gov) and information sharing and collaboration with state and local government, industry and international partners. US-CERT interacts with federal agencies, industry, the research community, state and local governments, and others to disseminate reasoned and actionable cyber security information to the public.
