In case of infected by malicious file, leaking account information and abnormal quit of Internet Explorer can occur easily.
What is more, there is a limitation to diagnose with anti-virus due to continuous spreading of variant malicious file.
2. Spreading path and symptoms of infection
This malicious file spreads especially high on weekend through domestic file sharing site. In case of file sharing site, access frequency of general user might be highly increased against weekdays relatively; therefore the range of infection might also be enlarged.
Malicious file creator and distributor can add malicious URL to be downloaded and executed additional malicious file with using vulnerability of domestic file sharing site.
After that progress, a user can be infected malicious file with just accessing tampered website and easily stolen online game account information.
Below image shows decrypted malicious Script inserted file sharing site via malicious URL.
* Decrypted malicious Script
Also, such as tampered domestic social commerce site, we mentioned before, trying download and execute additional malicious file with using IE and Flash’s vulnerability is another feature.
* Malicious code in malicious Flash file (character conversion)
It can also set preference to download other malicious things using some part of malicious Flash file code.
After the procedure, original Windows system file will be tampered; it is possible to be stolen online game account due to malicious function.
Those following online game lists are possible to be leaked by infected malicious file.
Also, those malicious files have quit function against specific anti-virus software.
3. How to prevent
This kind of malicious file tries to spread especially during weekend in file sharing site; therefore, this security issue will appear frequently. Not only weekends but weekdays, a bunch of user are accessing file sharing site and playing online game. To keep safe from this kind of spreading malicious files that we recommend following tips "Security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function such as malicious file stated above and runs responding system against various security threats.