The Latest in IT Security

Indian Cyberspace hit by Kim Jong-II Malware Mails!

03
Jan
2012


It is observed that cybercriminals are using the name of the North Korean leader Kim Jong-II after his death, to target internet users.
Attackers are achieving this by spamming malicious emails containing specially crafted pdf named “BriefintroductionofKim-Jong-il.pdf”

This PDF file found to be exploiting CVE-2010-2883 and CVE-2010-3333 Vulnerabilities in Adobe Acrobat Reader.

Once successfully exploited, it leads to remote code execution in the victim’s system.

At the time of analysis we found below dll active in the system
“Rundll32 %temp%com.dll,COMResModuleInstance”

We also found connections attempts made to c[xxxx]p.m[xxxx]u.com

Quick Heal detects it as “Trojan.BHO.btgg”

We suggest users to apply below patches if they are using older versions of PDF Reader:
http://www.adobe.com/support/security/bulletins/apsb10-21.html
http://www.adobe.com/support/security/bulletins/apsb11-08.html

In addition we also suggest users:
-Do not visit untrusted websites
-Do not click on any link or attachments in the mail
-Do not disclose any financial or personal information being asked in any of such mails

Leave a reply


Categories

THURSDAY, FEBRUARY 02, 2023
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments