12345

1/07/2011

E-mail disguised as from White House Kneber botnet, a variant of Zeus, has been reported.

1. Introduction

Recently, malicious Kneber botnet, a varient of ZeuS botnet, has been reported as an attachment of e-mail from White House.
With a booming of spreading malicious files these days, users need to be careful on checking e-mails especially from uncertain user.

[ Old ZeuS Variant Returns for Christmas ]
http://blog.trendmicro.com/old-zeus-variant-returns-for-christmas/

2. Spreading path and symptoms of infection

Kneber botnet has been figured out sent from White House as following.


Censored area is the URL for download, and it induces to click.
Also, some of cases trying to spread with using Christmas are reported.


Upon infected, various information including online banking information and account information can be leaked.
Furthermore, it can send SPAM mail through collected e-mail address and instant messnger account for re-sending malicious mail.

3. How to prevent

We always have to be careful on social engineering technique.
To use PC safely from security threats of these malicious files, we recommend following "Security management tips" for general users.

Security management tips

1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
5. Execute downloaded file after scan with anti-virus SW.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Anti-Virus/Spyware for detecting such as malicious file stated above and runs responding system against various security threats.

No comments:

Post a Comment