Tuesday, April 14, 2015

Incoming Houdini Tracking List

I have been seeing a good amount of Houdini traffic in the past, and it seems to be picking up steam again: for a quick refreshed, check out this FireEye report. So I decided to create a list of command and control servers used by the malware.

The list will not be an active/live list such as the ones you find on Abuse.ch, rather it will contain historical data of hosts, as well as other useful information such as user-agent string values, HTTP URI paths, destination ports, and other data.

The list should be posted within the week, so please check back.

No comments:

Post a Comment

Please feel free to leave a comment that is relevant to the post.