Palo Alto Networks

Infy

Prince of Persia – Ride the Lightning: Infy returns as “Foudre”

In February 2017, we observed an evolution of the “Infy” malware that we're calling "Foudre" ("lightning", in French). The actors appear to have learned from our previous takedown and sinkholing of their Command and Control (C2) infrastructure – Foudre incorporates new anti-takeover techniques in an attempt to avoid their C2 domains being sinkholed as we did in 2016.

We documented our original research into the decade-old campaign using the Infy malware in May 2016....

Unit 42

Aug 01, 2017

By Tomer Bar and Simon Conant

Palo Alto Networks

Products and Services

Partners

Events, News of the Week

Palo Alto Networks News of the Week – July 2, 2016

Game over, Prince of Persia: Unit 42 helped take down the Infy malware campaign by successfully gaining control of multiple C2 domains to disable attacker’s access to victims.

Jul 02, 2016

By Anna Lough

Malware, Threat Prevention, Unit 42

Prince of Persia – Game Over

Unit 42 published a blog at the beginning of May titled "Prince of Persia," in which we described the discovery of a decade-long campaign using a formerly unknown malware family, Infy, that targeted government and industry interests worldwi...

Jun 28, 2016

By Tomer Bar, Lior Efraim and Simon Conant

Events, News of the Week

Palo Alto Networks News of the Week – May 7

We’ve rounded up all of the top Palo Alto Networks news from the past week right here.Unit 42 identified and collected over 40 variants of a previously unpublished malware family and found Infy Malware active i...

May 07, 2016

By Anna Lough

Malware, Threat Prevention, Unit 42

Prince of Persia: Infy Malware Active In Decade of Targeted Attacks

Attack campaigns that have very limited scope often remain hidden for years. If only a few malware samples are deployed, it’s less likely that securit...

May 02, 2016

By Tomer Bar and Simon Conant

Load more blogs