REFERENCES

[1] http://www.theregister.co.uk/2006/03/27/spyware_diy/
[2] http://www.theregister.co.uk/2007/07/23/mpack_developer_interview/
[3] http://isc.sans.org/diary.html?storyid=3015
[4] http://www.finjan.com/MCRCblog.aspx?EntryId=1601
[5] http://pandalabs.pandasecurity.com/archive/Ice_2800_Pack_2900_-for-the-summer.aspx
[6] http://ddanchev.blogspot.com/2007/10/mpack-and-icepack-localized-to-chinese.html
[7] http://www.finjan.com/MCRCblog.aspx?EntryId=1601
[8] http://blog.trendmicro.com/icepack-packing-heat/
[9] http://blog.trendmicro.com/icepack-packing-heat/
[10] Note that this the attack sequence we encountered on the Italian Keith Jarrett web site.
[11] http://www.avertlabs.com/research/blog/index.php/2007/10/04/arp-spoofing-is-your-web-hosting-service-protected/
[12] http://www.teamfurry.com/wordpress/2007/08/29/zxarps/#more-157
[13] http://isc.sans.org/diary.html?storyid=3015
[14] http://ddanchev.blogspot.com/2007/06/massive-embedded-web-attack-in-italy.html
[15] http://ddanchev.blogspot.com/2007_02_01_archive.html
[16] http://www.ukhoneynet.org/2007/07/18/new-javascript-tool-released/
[17] http://cansecwest.com/slides07/csw07-nazario.pdf
[18] http://www.secureworks.com/research/tools/caffeinemonkey.html
[19] http://blogs.pandasoftware.com/blogs/images/PandaLabs/2007/05/11/MPack.pdf
[20] http://www.websense.com/securitylabs/blog/blog.php?BlogID=94
[21] http://explabs.com/about/mediaCenter/pr_071006_01.asp