VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Effusion - a new sophisticated injector for Nginx web servers

Andrew Kovalev, Konstantin Otrashkevich, Evgeny Sidorov, Andrew Rassokhin
Virus Bulletin, Jan 2014, pp.21-27
ISSN 0956-9979
January 2014

PDFDownload PDF (294.96Kb) (You need to be registered on forum)
[Back to index] [Comments]


At VB2013 Evgeny Sidorov spoke about three modern approaches used by attackers to embed malicious code into HTTP responses. One such approach was the use of web-server modules for malware distribution. Here, Evgeny and his colleagues describe ‘Effusion’ – a new piece of malware that uses malicious modules for an Nginx web server, and which was used in a massive infection campaign in the third quarter of 2013.

[Read the article]

By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka