* Posts by Joe Stewart

1 publicly visible post • joined 13 Sep 2011

State-sponsored spies collaborate with crimeware gang

Joe Stewart

Connection not established

Wermud and the trojan in the VirusTotal link above (a Chinese DDoS bot known as Azvhan) both draw part of their code from the public Gh0st source code base. I'm not seeing how public code reuse implies cooperation between criminal botmasters and Chinese cyber-espionage units. Is there an actual report with details of this APT <-> criminal botmaster connection published somewhere?