Microsoft Finds SWF-Based Assaults Containing Spikes
Microsoft the software company alerts computer operators that several attacks have spikes while spreading ShockWaveFlash (SWF) malware, which are capable of infecting end-users' PCs with malicious programs over time.
Incidentally, malicious programs from SWF assaults aren't unknown. These types of assaults normally exploit security flaws within Adobe Flash Player so that more malware can be loaded onto PCs.
The particular threat reportedly, is a Trojan that Microsoft spotted and named as Trojan:SWF/Jaswi.A, which abuses CVE-2010-0806 a security flaw within IE 6 and 7 allowing execution of random code.
Remarking about the above technique, Tim Liu a malware researcher at Microsoft stated that the method wasn't really new; however, merely some SWF assaults exploited it. Softpedia.com published this on March 8, 2011.
Importantly, incase the assault proved successful, it would pull down the uusee.exe file that's a malware for stealing Chinese passwords and is called PWS:Win32/Lolyda.AU.
Meanwhile, Microsoft has observed that the Jaswi.A activity contains 3 spikes. Publishing the details, the software company discloses that back in December 2010 it had detected those spikes, the first during the 2010 Christmas season, the second during the early days of 2011, and the third, which was the biggest spike, during mid-January 2011.
Reportedly, it was the PCs in South Korea that were these assaults' targets. For, since 2011 starting, 89% of the PCs attacked, belonged to South Korea wherein 75% were located exactly in Seoul. Additionally, assaults were also reported from USA (5%), Canada (2%), Japan (1%) and rest (3%).
Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails
» SPAMfighter News - 19-03-2011