Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43431
  • Total Topics: 16526
  • Online today: 2962
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2870
Total: 2871









Author Topic: Malware sites with Obama infect users (WORM_WALEDAC, BKDR_KRYPTIK, TSPY_BANKER)  (Read 3196 times)

0 Members and 3 Guests are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Trend Micro Advanced Threats Researcher Paul Ferguson has discovered fake websites with headlines like Barack Obama has refused to be a president and links that take the user to fake Obama sites which mimick the official Obama website.

Trend Micro has found binaries with file names like barack.exe and baracknews.exe which belong to Waladec family of worms that spread more after New Year as spam greeting cards. Below is a glimpse of the fake obama website



Some of the malware found are:

    * WORM_WALEDAC.KAX
    * WORM_WALEDAC.AE
    * WORM_WALEDAC.AG
    * WORM_WALEDAC.AD
    * WORM_WALEDAC.AL
    * WORM_WALEDAC.AH
    * TROJ_AGENT.DOZZ
    * TSPY_BANKER.BFE
    * TROJ_DLOADER.XGZ
    * BKDR_KRYPTIK.AB


These malware are mostly hosted on domains that contain Obama-related key words.

Spam emails are being circulated that contains links to fake Obama websites causing the download of WORM_WALEDAC.KAX which steals email addresses and sends the information to mulitple IP addresses. This worm also opens random ports in an affected system.



(Neowin)

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023