Spreading malicious file about Libyan revolution

1. Introduction

Recently, spreading malicious file related Libyan revolution, covering main page of newspaper these days, has been detected.
Big global issues, such as Japanese earthquake, are the easiest way to be used as a social engineering by cyber criminals and malicious file distributor.

2. Spreading path and symptoms of infection

This site and domain looks newly generated recently. You can get information about Libyan news on this web site.

This site provides most information through various links with reliable organizations.
Also, it can download additional malicious files through Java Applet on accessing.

* Downloaded file

- FreeLibya.jar (2,762 bytes)

Since its file name "FreeLibya.jar" is also related with Libya, users can be easily lured.
But downloading jar file depends on current installed Java JDK version.

* When JDK hasn't been installed

* When JDK has been installed

Upon executed download jar file, it will download additional malicious file, "javaclient.exe" through internal class file.

디컴파일된 class파일 내부코드

If downloaded malicious file "javaclient.exe" is executed, it will create its cloned file as following path and set preference to start itself on booting automatically.

* Generated file
- (User temporary folder)\svc21host.exe (1,130,496 bytes)

* Generated registry
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
- Name : svc21host
- Data : (User temporary folder)\svc21host.exe

* (User temporary folder) means "C:\Documents and Settings\(User account)\Local Settings\Temp" generally.

Furthermore, it will be still connecting to certain external site continuously such as following figure; as a result this PC can be a Botnet.

3. How to prevent

Global issues can take interest of publicity. Malicious file programmer and cyber criminals are distributing malicious files with using social engineering.
To use PC safely from security threats of these malicious attachments, we recommend following "Security management tips" for general users.
※ Security management tips

1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function such as malicious file stated above and runs responding system against various security threats.


  1. I know a lot of writing advices and I try to practice writing every day. On https://eduessayhelper.org/blog/paper-outline I found advices about writing paper outline.

  2. My Assignment Services provides a 24-hour online Assignment Helper and consultation to the students. Be it any subject such as Nursing, Economics, Law, Engineering, or Management, we provide the most reliable help with assignment online by our highly-proficient academic writers. My Assignment Services constantly aim to expand our base of assignment writing experts and call in international experts who are ex-professors from reputed business schools, management schools, engineering universities from across the globe. This provides you with an opportunity to get a global and world perspective in your Python Assignment Help answers and lets you connect with a writer who understands you. This company has been trusted by thousands of students in Australia for their incredible help with assignment that are provided to students worldwide. Join these thousands of students and achieve high distinction in each and every one of your college tasks. We are proud of our best assignment help experts because of their dedication towards providing continuous support to students by helping them meet deadlines and scoring better grades. We understand how important academic assessments are in developing a student's career and future opportunities, this is why we take extreme measures to ensure that all Geology Assignment Help solutions are best-in-class.

  3. I won't try to download it. I care about my PC. That's kinda dangerous.

  4. Sometimes you may find yourself at that point where you need some inspiration to keep the ideas for your paper coming. That’s why we’ve founded draftify.net, a platform where great minds meet to help students fill up their creative well with fresh ideas.
    writing a research essay

  5. When you opt for purchasing a grant proposal from Writer-Elite.com, you will get the assistance of a grant proposal writer who will be ready to help you with grant writing on any topic and complexity. That's a really good option if you have no enough time.

  6. Hello! Thank you for sharing with us this great post! I have found a lot of new facts there. By the way, if you happen to look for a writing help then you can apply nursing essay writing service There you can find many helpful tips for writing papers.

  7. I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.
    Cyber Security Projects for Final Year

    JavaScript Training in Chennai

    Project Centers in Chennai

    JavaScript Training in Chennai

  8. Our Academic Essay Writing Service is accessible online via a majority of mobile devices to bring Cheap Essay Writing Services For Sale close to you. Students can access Most Reliable Essay Writer Service from any location if they have a pertinent mobile device.

  9. need Quickbooks Support ?
    while using quickbooks software(accounting software) we face many errors, if you need expert advice to resolve those errors then you can visit our website. we are 24*7 available for our users.

    if you need Mcafee Security then you can get it from our website we also provide product key to activate the mcafee.

  10. need McAfee activate ?
    if you are looking for mcafee product key then you can simply visit our website where we cover the full process to get product key.
    for more help related to mcafee.com/activate , you can call our technical assistant.we are 24*7 available for our users.

  11. if you are looking for McAfee activate product key then you can simply visit our website where we cover the full process to get product key.
    for more help, you can call our technical assistant for mcafee.com/activate
    .we are 24*7 available for our users.

  12. McAfee activate is the threat defender program that the user can activate at mcafee activate card URL. Its individual, household, and multi-device subscriptions, Theft Protection as well as online & offline virus protection. mcafee.com/activate

  13. Finding Help with Medical Assignment is not easy unless one is keen to establish the best medical research paper writing service company by going through their medical assignment writers qualifications.

  14. Online psychology paper writing service companies are very keen when it comes to Psychology Research Paper Services for students stuyding psychology studies in order for them to score straight A’s in their custom psychology research papers.

  15. It's very good post which I really enjoyed reading. It is not everyday that I have the possibility to see something like this.
    web page