PoisonIvy (trojan)

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license.

PoisonIvy is a remote access trojan that enables key logging, screen capturing, video capturing, file transfers, system administration, password theft, and traffic relaying. It was created around 2005 by a Chinese hacker and has been used in several prominent hacks, including a breach of the RSA SecurID authentication tool and the Nitro attacks on chemical companies, both in 2011. Another name for the malware is "Backdoor.Darkmoon".
