MONROE, La., Nov. 14, 2018 /PRNewswire/ -- With the ability to download other types of malware after infecting a computer, the Mylobot botnet is demonstrating the capability of information stealing, according to a new report from CenturyLink, Inc. (NYSE: CTL). Mylobot contains sophisticated anti-virtual machine and anti-sandboxing techniques to avoid detection and analysis, such as lying dormant for 14 days before attempting to contact the command and control server (C2). However, since being identified in June 2018, CenturyLink Threat Research Labs has observed Mylobot downloading Khalesi, a pervasive information-stealing malware family, as a second stage attack on infected hosts.
Read the CenturyLink Threat Research Labs report on Mylobot: https://www.netformation.com/our-pov/mylobot-continues-global-infections/.
"What makes Mylobot so dangerous is its ability to download and execute any other type of payload the attacker wants, and we now have evidence one of those payloads is Khalesi," said Mike Benjamin, head of CenturyLink's Threat Research Labs. "By analyzing global botnet attack trends and methods, CenturyLink is better able to anticipate and respond to evolving threats like Mylobot in defense of our own network and those of our customers."
CenturyLink (NYSE: CTL) is the second largest U.S. communications provider to global enterprise customers. With customers in more than 60 countries and an intense focus on the customer experience, CenturyLink strives to be the world's best networking company by solving customers' increased demand for reliable and secure connections. The company also serves as its customers' trusted partner, helping them manage increased network and IT complexity and providing managed network and cyber security solutions that help protect their business.
SOURCE CenturyLink, Inc.