Major global events, such as the Japanese earthquake, are the easiest material for cyber criminals and malicious file distributors to exploit for social engineering.
2. Spreading path and symptoms of infection
This site and its domain appear to have been created recently. The web site offers news about Libya.
The site provides most of its information through links to reliable organizations.
In addition, when the site is accessed, it can download additional malicious files through a Java applet.
Because the file name, "FreeLibya.jar", is also related to Libya, users can be easily lured.
However, whether the jar file is downloaded depends on the currently installed Java JDK version.
* When JDK hasn't been installed
* When JDK has been installed
When the downloaded jar file is executed, it downloads an additional malicious file, "javaclient.exe", through an internal class file.
If the downloaded malicious file "javaclient.exe" is executed, it creates a copy of itself at the following path and configures itself to start automatically at boot.
Furthermore, it keeps connecting to a certain external site continuously, as shown in the following figure; as a result, this PC can become part of a botnet.
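The download chain described above (a Java applet fetches a jar, and the jar then fetches an executable) can be looked for in web proxy logs. The following is an added example, not part of the original post: the log format, the two-minute window, the host names and the assumption that the Java runtime identifies itself with a "Java/" user-agent token are all constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed proxy log lines (not from the original post):
# timestamp, client IP, quoted user agent, requested URL.
SAMPLE_LOG = """\
2000-01-01T10:00:01 10.0.0.5 "Mozilla/4.0 (compatible; MSIE 8.0)" http://news.example/index.html
2000-01-01T10:00:03 10.0.0.5 "Mozilla/4.0 (Windows XP 5.1) Java/1.6.0" http://news.example/FreeLibya.jar
2000-01-01T10:00:09 10.0.0.5 "Java/1.6.0" http://files.example/javaclient.exe
2000-01-01T10:05:00 10.0.0.7 "Java/1.6.0" http://intranet.example/app.jar
2000-01-01T11:30:00 10.0.0.7 "Mozilla/5.0 (Windows NT 6.1)" http://vendor.example/setup.exe
"""

LINE = re.compile(r'^(\S+) (\S+) "([^"]*)" (\S+)$')
WINDOW = timedelta(minutes=2)  # assumed correlation window, tune per environment


def find_jar_to_exe(log_text, window=WINDOW):
    """Return (client, jar_url, exe_url) for each .exe fetched by a Java
    runtime within `window` after the same client fetched a .jar."""
    last_jar = {}  # client -> (timestamp, url) of its most recent .jar fetch
    hits = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        ts, client, agent, url = m.groups()
        when = datetime.fromisoformat(ts)
        path = url.split("?", 1)[0].lower()  # ignore any query string
        if path.endswith(".jar"):
            last_jar[client] = (when, url)
        elif path.endswith(".exe") and "Java/" in agent:
            jar = last_jar.get(client)
            if jar and timedelta(0) <= when - jar[0] <= window:
                hits.append((client, jar[1], url))
    return hits


if __name__ == "__main__":
    for client, jar, exe in find_jar_to_exe(SAMPLE_LOG):
        print(f"{client}: {jar} -> {exe}")
```

The browser-initiated setup.exe download from 10.0.0.7 is not reported, because it was not requested by a Java runtime and falls outside the window after that client's jar fetch.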
3. How to prevent
Global issues attract public interest. Malicious file authors and cyber criminals distribute malicious files by using social engineering.
To use a PC safely against the security threats of these malicious attachments, we recommend the following "Security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis and treatment functions for malicious files such as the one stated above, and runs a response system against various security threats.