Pivot on Google Code C2 Reveals Additional Malware
Last week, we reported on attacks observed against East Asia that used Google Code for command and control (C2). As a follow-on to that work, we pivoted on the C2 indicators of compromise (IoCs) within our WildFire platform, looking for additional malicious activity.
One sample in particular caught our attention, downloaded on June 18 from 211.233.89.182 via FTP. While all of the other near-proximity samples downlo...