Endpoint Protection

 View Only
Back to Library

WhitePaper: Sality: Story of a Peer to-Peer Viral Network 

Oct 07, 2011 10:36 AM

Hello,

W32.Sality is a file infector that spreads by infecting executable files and by replicating itself across network shares. Infected hosts join a peerto-peer network used to propagate malware on the compromised computer. Typically, those additional programs will be used to relay spam, proxy communications, steal private information, infect Web servers or achieve distributed computing tasks, such as password cracking.

 
The combination of file infection mechanism and the fully decentralized peer-to-peer network, along with other anti-security measures, make Sality one of the most effective and resilient malware in today’s threat landscape. Estimations show that hundreds of thousands of machines are infected by Sality.
 
This paper will give an overview of Sality and briefly describe the architecture of the malware. The core of this paper focuses on the peer-topeer characteristics of Sality, and examines its strengths and potential limitations. Finally, I will describe current trends and metrics for Sality.

Statistics
0 Favorited
0 Views
1 Files
0 Shares
0 Downloads
Attachment(s)
pdf file
sality_peer_to_peer_viral_network.pdf   2.47 MB   1 version
Uploaded - Feb 25, 2020
 
Download

Tags and Keywords

Comments

Migration User
Dec 03, 2011 11:40 PM

great, hope can share more this kind of document.

Related Entries and Links

No Related Resource entered.