Perhaps the most interesting and indeed relevant of this is the C2 (or Command and Control) addresses found in the malware.
Increasingly, criminals actually lease their malware from a group that guarantees their malware against detection.
These addresses were used by whoever carried out the attack to control the malware and can be found in the malware code itself.
Basically, the malware presents itself as a piece of antivirus software that is going to protect your machine.
No malware, no anti-malware, no virus software updates and warnings.
So I was surprised by the news that a new type of malware had infiltrated more than 800 computers in Iran and the Middle East.
In recent days, Israel came under attack by a kind of malware known as “Xtreme RAT.”
So activists started doing detective work, to see who was behind the malware.
Furthermore, checking online IP reputation services reveals that they have been used by malware operators in the past.
These attacks had distinct similarities with the malware used against Sony.