This malicious file was spreading on weekend and was assumed itself to be an APT(Advanced persistent threat).
Especially, origin of malicious file spreading was different by accessing time. Server administrators need to be careful on operating servers.
When user visits Axxxx web site, famous for real-time internet private broadcasting system, malicious file can soak users PC with using vulnerabilities of JAVA and Adobe Flash Player.
Therefore, the latest security update is needed. If not, access web site can make visiting user to victim.
2. Spreading path and symptoms of infection
Malicious file is spreading on AD server on external partners. When users click the AD, exploit code will be run.
Accessing on private broadcasting service of http://www.a******.com will redirect user to http://www.a******.com/ad/af_station_AD.htm and, af_station_AD.js Script will be activated.
AD is located on left top part of this site and is changing frequently.
Since security level of popular website is relatively higher usually, malicious file distributors are seemed to decide AD server for those distribution.
When the external AD service list is connected, malicious code, located in its inside iframe, will be activated and ad.html will be loaded.
java.exe and EXE(XOR encrypted) type malicious file disguised as ie67.gif with using vulnerability in Adobe Flash Player and JAVA Applet will be downloaded and will try to infect user's PC.
ad.html checks user's browser version(IE6.0~8.0) and distinguish exploit code. And it links iframe on Exploit Codes including ad2.html, ad1.htm, java.html.
java.html is loading malicious Applet.jar and rename java.exe to xxoo.exe and download to Temp folder based on ScriptEngineExp.class its inside.
Actually, various variants of this malicious have been reported, user could expose from those variants.
Besides, it controls to access URL of Exploit Code with using Cookie file, and it disturbs normal operation of Anti-Virus products with installing malicious driver-type file (kill.sys).
Finally, malicious file will try to leak account information of domestic on-line game user.
3. How to prevent
Various security update for each product is the most important to be safe from infection, especially on Adobe Flash Player and Oracle Java Application. And using believable Anti-virus program and personal Firewall are also needed.
INCA Internet's Emergency Response Team is updating and distributing the latest pattern on our nProtect Anti-Virus family.
Security management tips
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
5. Execute downloaded file after scan with anti-virus SW.
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
5. Execute downloaded file after scan with anti-virus SW.
INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.
If you need some information to study for exams I recommend that you visit this blog post. it probably has all what you need
ReplyDeleteشهاب مظفری شهاب مظفری
DeleteSince Perl 6 is multi-threaded in its core, it was decided at a very early stage that reference counting would be problematic performance-wise and maintenance-wise. Instead, objects are evicted from memory when more memory is needed and the object can be safely removed."
ReplyDeleteAm I missing something?
Regards,
https://nox.website/ https://tweakbox.run/
https://plex.kim/
Great post. I was checking continuously this blog and I am impressed!
ReplyDeleteVery useful info specifically the last part :) I care for such info much.
I was looking for this certain information for a very long time.
driving directions
great post. thanks for sharing this information
ReplyDeleteKineMaster for pc
Free fire for pc
https://www.kinemasterforpcdownload.co/
https://www.freefirepcdownload.online/
Hey!! Thanku you so much for sharing information about blog and also download . Spotify Premium Apk download tinytunes android gtunes download
ReplyDeleteحتى نرضى عملائنا الكرام حيث ان هذه الحشرات بأنواعها المتغايرة تكون السبب فى الكثير من الأمراض الخطيرة على صحة الانسان و من الممكن أن تؤدى فى الخاتمة الى وفاة الانسان لهذا تنصح مؤسسة مكافحة حشرات بمحايل صعب
ReplyDeleteشركة مكافحة حشرات بالطائف
شركة عزل خزانات بالطائف
شركة مكافحة النمل الابيض بالطائف
شركة النجوم لمكافحة الحشرات
Deleteblog1
blog2
blog3
blog4
blog5
blog6
iphongthuynet
ReplyDeleteThere is increased need for correct formatting of all the Cheap Coursework Writing Service from the agency. Therefore, Students can order Custom Research Papers at any given time at an affordable price.
ReplyDeleteplayer David
Deletetopicclick
find
better
very show
Great Article
ReplyDeleteNetwork Security Projects for CSE
JavaScript Training in Chennai
Project Centers in Chennai
JavaScript Training in Chennai
پخش آهنگ
ReplyDeleteWelcome to the party of my life here you will learn everything about me. PLease search instastalker to discover nice photos and videos on instagram.
ReplyDeleteHow cybercriminals use popular TV shows to spread malware
ReplyDeleteraze 3 html
Any of us could be victims, so be careful click
ReplyDeleteThank you for your post, I look for such article along time, today i find it finally download android apk. this post give me lots of advise it is very useful for me
ReplyDeleteThank you for your post, I look for such article along time Omegle Alternatives
ReplyDeletegta 5 indir epic games
ReplyDeletegta 5 hileleri araba hilesi
gta 6 indir android
tanx nice post
ReplyDeletehttp://www.codetools.ir/how-have-big-hips.html
چگونه باسنی بزرگ داشته باشیم
For get the technical support, you should dial AOL Email Supports Toll-Free Number for Resolve AOL Mail Issues without any recovery option. Our experts and experienced email technicians are available 24 hours a day to help you with any error related to your AOL email account.
ReplyDelete