Posts Tagged ‘application data’

New worm infects removable drives.

Jun

2013

Yet another worm that infects removable drives was discovered. The Win32/SillyAutorun.FTW was recently found in the wild. The worm is written with Microsoft Visual Studio and uses injection engine – worm’s code overwrites the original code in memory. When it runs on infected machine, it firstcopies itself to %ApplicationData%\E-73473-3674-74335\msnrsmsn.exe; where %ApplicationData% is application data folder […]

Category General Written by GLOBAL SECURITY ADVISOR RESEARCH BLOG 0 Comments

Lock, stock and two smoking Trojans-2

Apr

2013

It has been three years since we published Lock, stock and two smoking Trojans in our blog. The article describes the first piece of malware designed to attack users of online banking software developed by a company called BIFIT. There are now several malicious programs with similar functionality, including: Trojan-Spy.Win32.Lurk Trojan-Banker.Win32.iBank Trojan-Banker.Win32.Oris Trojan-Spy.Win32.Carberp Trojan-Banker.Win32.BifiBank Trojan-Banker.Win32.BifitAgent […]

Category General Written by Securelist / Blog 0 Comments

Remote Linux Wiper Found in South Korean Cyber Attack

Mar

2013

Earlier today we published our initial findings about the attacks on South Korean banks and local broadcasting organizations. We have now discovered an additional component used in this attack that is capable of wiping Linux machines. Figure 1. Bash wiper script targeting remote Linux machines The dropper for Trojan.Jokra contains a module for wiping remote Linux […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘application data’

New worm infects removable drives.

Lock, stock and two smoking Trojans-2

Remote Linux Wiper Found in South Korean Cyber Attack

Categories

Featured

Archives

Latest Comments

About Us

Contact Us