Zyklon Season

NETSCOUT Blog
by ASERT Team on

The ASERT research team has recently done some work reverse engineering a family of malware called "Zyklon H.T.T.P." that is written using the .NET Framework. Zyklon (German for “cyclone”) is a large, multi-purpose trojan that includes support for a variety of malicious activities, including several different forms of DDoS attack, key logging and credential theft, SOCKS proxying, and executing arbitrary code. A summary of our findings regarding Zyklon's inner workings is documented in the linked article.
