Hutizu/Huituzi - Follow the Gray Rabbit

Typing Huituzi (the Chinese phonetic spelling originally found in .ssyslog) into Google Translate with phonetic typing for Chinese enabled converts huituzi into 灰兔子, which in Chinese apparently means "Gray Rabbit".

So, we now know the name of this amazing piece of malware.

According to Wikipedia, in Chinese literature, rabbits accompany Chang'e (the Chinese moon goddess) on the Moon. Rabbits are also associated with the Chinese New Year (or Lunar New Year) and are one of the twelve celestial animals in the Chinese Zodiac for the Chinese calendar.

A very interesting note: This malware was discovered in 2011 - the Chinese year of the Metal Rabbit, or "Jīnshǔ tù" (金属兔).

The question remains - how deep does this rabbit hole go?

I'm updating all of my .ssyslog posts to include "Hutizu" since that is the official detection name.

