Lately reported this malicious file seems to be adopted social engineering technique, and it has been revealed first type of aiming at cloud system and expected new security threats.
2. Malicious file info
This malicious file can deceive user as a movie file with its icon.
Upon executed, it will show installation written by Chinese to deceive user.
Furthermore, it will run screen such as a movie player.
Currently, damage case of this malicious file hasn't been reported so far, however, the attention of first cloud-based malicious file must be needed.
3. How to prevent
This malicious file has been reported aiming at Chinese security cloud server of company including Kingsoft, Rising, and so on. Besides, this malicious file adopted modifying to bypass detection.
If this malicious file causes tampering on certain module, update process can be wrong.
Modifying module transferring cloud server for diagnosis on malicious file can cause wrong decision on diagnosis status.
Furthermore, it can download additional malicious files.
With an appearance of emerging malicious files aiming at Chinese cloud server, the possibility to be caused by additional malicious files still remains on cloud system.
Security companies already adopted cloud system or considering adpoting must be concentrated on possible security threats.
To use PC safely from security threats of these malicious attachments, we recommend following "Security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Anti-Virus/Spyware for detecting such as malicious file stated above and runs responding system against various security threats.