The best Etumbot APT Backdoor review

The Arbor Networks has published a report on the Etumbot APT Backdoor. The Etumbot APT Backdoor is used in targeted cyber-attacks.

The first time the Etumbot was seen was in March, 2011.

The Arbor Network report provides insight in the capabilities and techniques which are used by the Etumbot APT Backdoor.

The authors of the Arbor Network report explain that the Etumbot APT Backdoor name might confuse a lot of people. This is because of the reason which is mentioned below:

The variety of names for this malware could lead to some confusion about the actual threat. ASERT has associated Etumbot with IXESHE, and therefore Numbered Panda, based on similar system and network
artifacts that are common between the malware families.

The mentioned malware families use the same log files: 

  • ka4281x3.log
  • kb71271.log

The Etumbot APT report explains that both the families have been using the same command and control servers. These command and control servers are used to target specific victim populations with the malware attack methodologies.

Be the first to comment

Leave a Reply