In 2005, tech crime *many, with one very simple RAT, a remote access trojan, sadly, suddenly became little, so that happened. exponenchcli

Research Milestones

  • Natural Pathogens: Researchers (like John Jelesko and Matt Kasson) later discovered a natural fungus (Colletotrichum fioriniae) that serves as a biological alternative to chemically eradicating poison ivy. [12]
  • Transcriptome Mapping: Virginia Tech scientists utilized DNA sequencing technology to map poison ivy transcriptomes, aiming to better understand its physiology since humans are uniquely allergic to its urushiol oil. [12]

If you would like to explore the technological side of either of these topics, please share:

AI jokes aside…

NJCCIC Threat Profile


The Poison Ivy trojan is a remote access trojan (RAT) that was first identified in 2005 and has continued to make headlines throughout the years. In 2011, it was used in the “Nitro” campaign that targeted government organizations, chemical manufacturers, human rights groups, and defense contractors. In 2012, attackers exploited a Java zero-day vulnerability to spread the malware and, in 2013, Poison Ivy was used to infect visitors of a US government website by exploiting an Internet Explorer zero-day vulnerability. This RAT has been used by a large variety of hacking groups and in various operations, including at least three separate advanced persistent threat (APT) campaigns. Poison Ivy is designed with spying capabilities as it can monitor victims remotely and steal user credentials and files. It is often spread through malicious Word or PDF attachments in spearphishing emails. In 2013, FireEye disseminated a detailed report on Poison Ivy and provided its typical attack sequence:

  1. The attacker sets up a custom Poison Ivy (PIVY) server, incorporating details on how the RAT will install itself on the target computer, enabled features, and the encryption password, among others.
  2. The attacker sends the PIVY server installation file to the target’s computer. The target opens the infected email and executes the file, or visits a compromised website.
  3. The server installation file executes on the target computer and downloads additional code through an encrypted communication channel to avoid antivirus detection.
  4. Once the PIVY server is running on the target machine, the attacker uses a Windows GUI client to control the target computer.
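
For defenders, steps 2 and 3 of that sequence leave a behavioral trail: a document handler launches an unrelated executable, which then opens an outbound connection. The following is an added example, not code from the NJCCIC profile or the FireEye report, that correlates those two events; the event field names, the `DOC_APPS` list, the five-minute window and all sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Document handlers that normally have no reason to launch other executables (assumed list).
DOC_APPS = {"winword.exe", "acrord32.exe", "outlook.exe"}
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed sample telemetry: process-creation ("proc") and network ("net") events.
EVENTS = [
    {"t": "2013-08-01T09:00:00", "type": "proc", "host": "ws1", "pid": 100, "ppid": 1, "image": "WINWORD.EXE"},
    {"t": "2013-08-01T09:00:05", "type": "proc", "host": "ws1", "pid": 200, "ppid": 100, "image": "setup.exe"},
    {"t": "2013-08-01T09:00:20", "type": "net", "host": "ws1", "pid": 200, "dst": "203.0.113.10:443"},
    {"t": "2013-08-01T09:10:00", "type": "proc", "host": "ws2", "pid": 300, "ppid": 1, "image": "AcroRd32.exe"},
    {"t": "2013-08-01T09:10:03", "type": "proc", "host": "ws2", "pid": 301, "ppid": 300, "image": "AcroRd32.exe"},
    {"t": "2013-08-01T09:10:09", "type": "net", "host": "ws2", "pid": 301, "dst": "198.51.100.7:443"},
    {"t": "2013-08-01T09:30:00", "type": "proc", "host": "ws3", "pid": 400, "ppid": 1, "image": "explorer.exe"},
    {"t": "2013-08-01T09:30:02", "type": "proc", "host": "ws3", "pid": 401, "ppid": 400, "image": "updater.exe"},
    {"t": "2013-08-01T09:30:10", "type": "net", "host": "ws3", "pid": 401, "dst": "192.0.2.44:80"},
]

def find_dropper_chains(events, window=WINDOW):
    """Return alerts where a document app spawned a different executable
    that then opened an outbound connection within `window`."""
    images = {}    # (host, pid) -> lowercased image name
    suspects = {}  # (host, pid) -> (spawn time, parent image, child image)
    alerts = []
    for ev in sorted(events, key=lambda e: e["t"]):
        ts = datetime.fromisoformat(ev["t"])
        key = (ev["host"], ev["pid"])
        if ev["type"] == "proc":
            image = ev["image"].lower()
            images[key] = image
            parent = images.get((ev["host"], ev["ppid"]))
            # Steps 2-3: a document is opened, then an unrelated binary executes.
            if parent in DOC_APPS and image != parent:
                suspects[key] = (ts, parent, image)
        elif ev["type"] == "net" and key in suspects:
            spawned, parent, image = suspects[key]
            # Step 3: the new process reaches out over the network soon after launch.
            if ts - spawned <= window:
                alerts.append({"host": ev["host"], "parent": parent,
                               "child": image, "dst": ev["dst"]})
                del suspects[key]
    return alerts

if __name__ == "__main__":
    for alert in find_dropper_chains(EVENTS):
        print(alert)
```

Only the `ws1` chain is flagged: the reader re-launching its own image on `ws2` and the non-document parent on `ws3` are ignored.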

The trees are still going going! I think
