Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Fresh PC-Trojan still more Dangerous; BitDefender

One fresh PC-Trojan that aims attacks against banks, currently, acts still more dangerously, as it utilizes compromised Internet sites during the process of its loading, warn researchers from BitDefender the security company.

Specifically, according to the company, soon as the compromised site is accessed, it displays one harmless-looking HTML web-page, which in reality contains Trojan.JS.QOS. There's also a message that requests the visitor to wait till the loading is complete, while one deceptive JavaScript gets concealed, which diverts the user onto yet one more destructive JavaScript.

Actually, this new JavaScript identified as Trojan.JS.Redirector.YF has been named js.js, which's saved inside a folder having an arbitrarily-produced name.

Security researchers at BitDefender state that apparently this second JavaScript is installed onto several servers, which as such support sanitized websites, possibly after a theft of File Transfer Protocol (FTP) credentials. The only objective of this script is to divert end-users through different redirects and ultimately land them on the attack site.

This attack site also an HTML page having Trojan.HTML.Downloader.Agent.NBF implants one Java applet featuring Exploit.Java.CVE-2010-0840.P, the much familiar CVE-2010-0840 vulnerability's front, with the vulnerability abused for pulling down and planting Trojan.Zbot.HTQ a Zbot sample onto the hijacked computers, BitDefender states.

Discussing further about the malware that's the last to be installed, the security company says that Zbot, another name for ZeuS, WSNPoem or ZeuSBot represents one banking Trojan that facilitates backdoor creation as also possesses server capabilities. The activities of this malware include gathering bank-related details; accessed websites' histories; login data; as also other sensitive information. Occasionally it captures the desktop's screenshots while on the hijacked system, BitDefender explains. Gmanetwork.com published this on March 10, 2012.

Disturbingly, according to BitDefender's experts, it's because of these kinds of sophisticated operations, which cause malware to increase online.

However, for avoiding getting contaminated with such malware, BitDefender urges PC-operators not to access websites that simply emerge from nowhere. Most significantly, incase an online site diverts onto a different web-location, it must be closed instantly. And finally, Web-surfers must maintain an up-to-date Java Runtime so they won't get victimized with any of the above Internet-based activities, the security company concludes.

Related article: Fark.com Files Suit against Suspected Hacker from Fox13

ยป SPAMfighter News - 3/17/2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page