We're sharing Indicators of Compromise based on the OpenIOC framework for Icefog. This way organizations have an alternative way of checking their network for presence of (active) Icefog infections.
You can download the ZIPed IOC file here.
Kaspersky products detect all malicious files associated with Icefog.
2013 Sep 28, 18:49
Windows only, right?
Just glancing at the file I'm guessing it only describes indications on Windows systems. Am I correct?
2013 Sep 29, 18:49
For the IOC XML, appears so
However, if you dig into the full report (in-depth report) there's a breakdown of the Mac based malware (MacFog) and some of the IOCs you would be looking for