Security Response Publications

Symantec Security Response is a worldwide team of security engineers, threat analysts, and researchers who develop a variety of content on the latest threats that impact organizations and end users.
Archives
Security Response Whitepapers

W32.Ramnit analysis

A law enforcement operation led by Europol and assisted by Symantec, Microsoft, and a number of other industry partners, seized servers and other infrastructure owned by the cybercrime group behind the Ramnit botnet (detected by Symantec as W32.Ramnit.B). The group has been in operation for at least five years and in that time has evolved into a major criminal enterprise, infecting than 3.2 million computers in total and defrauding large numbers of innocent victims.

Ramnit is capable of monitoring web browsing sessions and stealing banking credentials. It can steal website cookies, allowing attackers to impersonate the victim, take files from the victim’s hard disk, and grant the attackers remote access to the computer, allowing them to exfiltrate stolen information or download additional malware.

42 pages, 3.9 MB (PDF)
Symantec Security Response offers white papers on a range of issues relating to Internet security. These are provided in .pdf format for your convenience.

White Papers Archive 2010 - 1997