Akamai Diversity

The Akamai Blog

Recently by Asaf Nadler

Asaf Nadler

Asaf Nadler

February 27, 2019 9:00 AM

Ramnit in the UK

By Asaf Nadler and Lior Lahav Ramnit is a family of trojans that allows attackers to remotely control infected machines, in order steal personal and banking information [1], and open backdoors to download additional malware [2]. Initial versions of Ramnit appeared in late 2011 and infected more than 800,000 Windows PCs [3]. In May 2018, Ramnit was observed in the "Black" botnet, and was responsible for infecting more than 100,000

Asaf Nadler

Asaf Nadler

April 12, 2018 1:58 PM

Effectively Detecting Low Throughput and Malicious D ...

In a previous blog post, we described how the DNS protocol, mainly designed for hostname to IP addresses resolution, can be abused for arbitrary data exchange. Based on throughput (i.e., bytes per hour), we distinguish between two classes of data exchange over the DNS protocol.

Asaf Nadler

Asaf Nadler

September 21, 2017 10:09 AM

Introduction to DNS Data Exfiltration

Written by Asaf Nadler and Avi Aminov Updated 2/14/19 After the initial publication of this blog post, Asaf Nadler and Avi Aminov wrote a paper on the detection of malicious and low throughput data exfiltration over the DNS protocol. The DNS protocol is a naming system for host machines and an essential component in the functionality of the Internet. The vast number of domains and subdomains on the Internet today