-------------------------------------------
寄件者: All of PH AV Technical Marketing
傳送日期: Monday, August 09, 2010 11:52:48 AM
收件者: Newsbank; Marketing Writers
副本: Jocelyn Racoma (AV-PH)
主旨: Malware Blog news pickups: July 31-Aug 6, 2010
自動依照規則轉寄
Daily Pageviews to blog posts picked up
| | 31-Jul | 1-Aug | 2-Aug | 3-Aug | 4-Aug | 5-Aug | 6-Aug |
| 3,572 | 4,127 | 5,176 | 4,434 | 4,628 | 4,632 | 3,288 | |
| ZeuS/ZBOT and SALITY Jump on the LNK Exploit Bandwagon | 40 | 81 | 110 | 96 | 41 | 52 | 31 |
| QuickTime Player Allows Movie Files to Trigger Malware Download | 733 | 826 | 535 | 299 | 170 | 46 | 34 |
| KOOBFACE Gang Now Tracking Visitors | - | 42 | 157 | 91 | 31 | 6 | 2 |
| Certificate Snatching—ZeuS Copies Kaspersky’s Digital Signature | - | - | - | - | 123 | 470 | 194 |
Worm spreads via Windows .LNK vulnerability
IT Web Malware, SA – Aug 6
This now triggered a new attack. Case in point, the .LNK vulnerability is now used to spread ZeuS/ZBOT variants as attachment to spam messages purporting to originate from Microsoft. The said attachment comes as a compressed (.ZIP) file. It contained a .LNK file and a .DLL file that Trend Micro detected as LNK_STUXNET.SM and TROJ_ZBOT.BXW, respectively.
Zeus Malware Used Pilfered Digital Certificate
PCWorld, US – Aug 6
Also, the malware's hash value, a unique numerical identifier based on the source code for applications, was incorrect, as it was derived on the Kaspersky tool, according to a blog post written by Trend Micro.
eSecurity Planet, US – Aug 3
Trend Micro is warning of the use of malicious QuickTime files to infect victims' computers. "Malicious files posing as the recent Angelina Jolie film Salt are now available on file sharing networks," writes The Register's John Leyden.
Koobface hackers now tracking victims
V3.co.uk, UK – Aug 2
"A few days ago, these pages started to include a short JavaScript code which enables the Koobface gang to directly monitor page hits," explained Trend Micro advanced threats researcher Joey Costoya. According to Costoya, the hourly tracking helps the gang to "correlate the user activity based on time of day and Koobface infection count". There have been almost 130,000 hits since tracking started last week, he said.
Poisoned Angelina flick hits torrents
The Register, UK – Aug 2
Malicious files posing as the recent Angelina Jolie film Salt are now available on file sharing networks. When users attempt to view these poisoned downloads a prompt is generated offering to download "update codecs" - actually fake files loaded with Trojan horse malware. At first the attack was thought to rely on an unpatched flaw in QuickTime, but Apple told Trend Micro this is not the case, and the attack relies solely on social engineering trickery.
Movie files run in QuickTime Player trigger malware download
Help Net Security, US – Jul 30
Specifically crafted .mov files trigger the download of malware masquerading as a codec update and an installation file for another player when run in the latest (7.6.6) version of QuickTime Player, TrendLabs reports
.
沒有留言:
張貼留言