Threat Brief: Understanding Domain Generation Algorithms (DGA)

One of the most important “innovations” in malware in the past decade is what’s called a Domain Generation Algorithm (“DGA”). DGA is an automation technique that attackers use to make it harder for defenders to protect against attacks. While DGA has been in use for over 10 years now, it’s still a potent technique

Rovnix and the Declaration Generation Algorithm

Since the success of Conficker in 2008, multiple malware families have started using Domain Generation Algorithms (DGAs) to make their command and control infrastructure more resilient to take-down. By generating new domains every day, the attacker can re-capture their botnet even if one of the command and control domains is taken down or if security

We Know It Before You Do: Predicting Malicious Domains

Today at the 2014 Virus Bulletin International Conference (VB2014) in Seattle, Palo Alto Networks is presenting a paper entitled “We Know It Before You Do: Predicting Malicious Domains.” We’re excited to share the key points of our paper and presentation here for everyone who couldn’t see it in person. Malicious domains are key to
