- Jan 24, 2011
- 9,378
Security researchers from Symantec have identified a piece of malware designed to brute force the password of VoIP accounts in a distributed manner.
The trojan, which Symantec describes as a SIP cracker, after the Session Initiation Protocol (SIP) used by VoIP systems, is being installed on computers by Sality.
Sality is a family of file infectors with botnet capability that spread by appending their malicious code to executable files, sometimes corrupting them in the process.
The Sality botnet is commonly used as a malware distribution platform in a pay-per-install style operation where other cybercriminals pay to have their creations spread.
The SIP cracker has been distributed by Sality for months now with few people noticing and it is noteworthy because it's the first such malware to be found in the wild.
"This malware, a distributed SIP cracker, is new in many aspects (there are known SIP crackers – tools or PoC, but no known in-the-wild malware, let alone one that implements SIP cracking in a distributed fashion)," says Symantec security expert Nicolas Falliere.
More details - link
The trojan, which Symantec describes as a SIP cracker, after the Session Initiation Protocol (SIP) used by VoIP systems, is being installed on computers by Sality.
Sality is a family of file infectors with botnet capability that spread by appending their malicious code to executable files, sometimes corrupting them in the process.
The Sality botnet is commonly used as a malware distribution platform in a pay-per-install style operation where other cybercriminals pay to have their creations spread.
The SIP cracker has been distributed by Sality for months now with few people noticing and it is noteworthy because it's the first such malware to be found in the wild.
"This malware, a distributed SIP cracker, is new in many aspects (there are known SIP crackers – tools or PoC, but no known in-the-wild malware, let alone one that implements SIP cracking in a distributed fashion)," says Symantec security expert Nicolas Falliere.
More details - link
