A Google search of the Internet for the strings "ParseCMD" "NM_CMD_S" results in only 5 hits.
blog post by dmackey
Monday, July 9, 2012
MacControl cyber espionage RAT linked to Chinese source code
The recently discovered Mac Control cyber espionage tool used within an espionage campaign against Tibetan related NGOs and described by AlienVault probably draws on code available on the Chinese web. Searching for strings within the tool reveals the following function names(the below image linked from the Microsoft analysis).
A Google search of the Internet for the strings "ParseCMD" "NM_CMD_S" results in only 5 hits.
These five results are all Chinese programming forums. The number 1 hit is for a posting to the programming forum www.pudn.com/. The hit is for strings within the source code package shykVC.rar(size 1072 K) uploaded 2009-03-02 by 许凤(Xu Feng) and downloaded 425 times.
blog post by dmackey
A Google search of the Internet for the strings "ParseCMD" "NM_CMD_S" results in only 5 hits.
blog post by dmackey
Subscribe to:
Post Comments (Atom)
Great Article
ReplyDeleteCyber Security Projects for CSE Students
JavaScript Training in Chennai
Project Centers in Chennai