Posted: August 29, 2012 | Category: Trojans | Threat Level: 9/10
JAVA_GONDY.A is a Trojan and component of a Java applet that exploits a Java Runtime Environment (JRE) vulnerability. JAVA_GONDY.A may be dropped by other PC threats from remote websites. JAVA_GONDY.A performs particular actions on the targeted computer system. JAVA_GONDY.A disables security features and downloads and runs binary components. JAVA_GONDY.A may also download and install other malware infections on the corrupted PC. JAVA_GONDY.A checks if the computer system is running a Windows operating system and uses the component HTML file detected as JS_FIEROPS.A to download and run a...


Posted: August 29, 2012 | Category: Trojans | Threat Level: 9/10
JS_FIEROPS.A is a Trojan that may spread via remote malicious HTML websites containing malicious JavaScript. JS_FIEROPS.A runs when a PC user visits such a website. JS_FIEROPS.A connects to certain websites to download and execute malicious files.


Posted: August 29, 2012 | Category: Trojans | Threat Level: 9/10
Java.Awetook is a Trojan that exploits a zero-day vulnerability in the Java Runtime Environment (JRE) to escalate its privileges in order to download and execute a malicious payload on the affected computer. Java.Awetook may download the potentially malicious file onto the infected computer. Java.Awetook may also be used by web criminals to download and install additional PC threats. Java.Awetook allows cybercriminals to gain remote access and control over the corrupted PC.


Posted: August 29, 2012 | Category: Trojans | Threat Level: 9/10
Troj/Agent-XNN is a Trojan that is used in a spammed-out malware attack. Troj/Agent-XNN spreads via spam email attachments. The fake email message pretends to be a Facebook notification that notifies the recipient he/she has been tagged by one of their friends in a newly uploaded photograph. The subject of the bogus email is 'Your friend added a new photo with you to the album'. The fraudulent Facebook email has a malicious file detected as Troj/Agent-XNN attached to it which is called '[New_Photo_With_You_on_Facebook_PHOTOID[RANDOM].zip'. The deceptive email attempts to trick PC users...


Posted: August 29, 2012 | Category: Trojans | Threat Level: 9/10
JS:Blacole-AV is a Trojan infection that affects computer users who have an old Java version installed on their PCs. JS:Blacole-AV exploits the Java Runtime Environment vulnerability for invading the compromised machine. If installed successfully, JS:Blacole-AV can lead to numerous other exploits on the targeted PC. JS:Blacole-AV mainly propagates via unsafe websites. If the computer runs an exposed version of Java and the website is able to exploit it, JS:Blacole-AV may be dropped onto the infected computer. JS:Blacole-AV can launch distributed denial of service (DDoS) attacks....

INF/Autorun, Conficker, Sirefef are the Most Common Malware in July 2012

Posted: August 29, 2012 | Category: Malware News
According to the ESET security firm, the top malware threat internationally in July 2012 was INF/Autorun. ESET also confirms from their malware statistics for July 2012 that this is the third year in a row that INF/Autorun has had a 5.46% infection rate worldwide. The INF/Autorun threat is associated with a variety of malware utilizing the autorun.inf as a means of compromising a computer. Computer experts and advanced PC users normally identify autorun.inf as a file containing information on programs used to automatically run or load when removable media is attached to a PC, i.e., USB...

‘Ads not by this site’ virus

Posted: August 28, 2012 | Category: Adware | Threat Level: 2/10
The 'Ads not by this site' virus is an unusually polite form of adware that injects advertisement-related code into arbitrary web pages – while also being courteous enough to notify you about the lack of affiliation between the site and its advertisements. Due to the minor nature of its attacks, malware researchers don't consider the 'Ads not by this site' virus to be any more than a low-level threat, although its advertisements may be used to promote more malicious PC threats than itself. Ads that display characteristic 'Ads not by this site' tags are symptomatic of...


Posted: August 28, 2012 | Category: Trojans | Threat Level: 9/10
Troj/MDrop-ELD, also known as Disttrack or Shamoon, is a Trojan generated to steal data and damage operations on a particular network. Troj/MDrop-ELD strives to overwrite the Master Boot Record (MBR) on the affected computer system, which would make it impossible to boot the PC. Troj/MDrop-ELD also replaces files on the hard drive, substituting certain image and system file types with a corrupt JPG (JFIF) file. Troj/MDrop-ELD aims at collecting information about the targeted PC.


Posted: August 28, 2012 | Category: Malware | Threat Level: 6/10
Cxweb/BadDlod-G is an alert for the domain, which hosts malicious Java exploits as a method of attacking visiting PCs and infecting them with Trojans. You should only receive Cxweb/BadDlod-G warnings in cases of possessing active anti-malware software that can monitor your web-browsing habits for the purpose of filtering out harmful sites. Because sites that trigger Cxweb/BadDlod-G warnings have been noted for using zero-day Java exploits to install backdoor Trojans, you should always analyze your computer with anti-malware programs after any contact with such websites, and...


Posted: August 28, 2012 | Category: Malware | Threat Level: 7/10
Mal/JavaKnE-H is a malicious Java applet that's used to install Trojans (such as the recently-identified Dropper.MsPMs and Troj/Agent-XNE). If you have Java enabled in your browser, visiting a site that hosts Mal/JavaKnE-H results in automatic attacks against your PC, and even updating Java isn't an adequate defense – since Mal/JavaKnE-H's exploit hasn't had a corresponding patch to remedy this security flaw. Malware researchers have been unable to find any symptoms related to Mal/JavaKnE-H's attack, which is hosted on the domain Trojans that are...


Posted: August 28, 2012 | Category: Trojans | Threat Level: 9/10
Troj/Agent-XNE is a recently-detected backdoor Trojan and Trojan downloader that can install other PC threats, disable security-related features or grant remote attackers access to your computer. Currently, Troj/Agent-XNE is distributed via the same domain that's responsible for Dropper.MsPMs attacks by abusing a Java-based browser exploit. Contact this domain ( with Java enabled for your browser is all that's necessary for your PC to be infected by Troj/Agent-XNE, which malware research team ranks as a high-level threat to your computer. Because the...


Posted: August 28, 2012 | Category: Trojans | Threat Level: 9/10
Trojan.Shylock.B is a Trojan that opens a back door on the affected computer and aims at stealing personal information. Trojan.Shylock.B spreads by exploiting the Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability (CVE-2011-3544) and Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability (CVE-2012-0507). Once executed, Trojan.Shylock.B creates the certain file. Trojan.Shylock.B then opens a back door and connects to the command-and-control (C&C) server in order to drop more malicious files. Trojan.Shylock.B collects information about the infected...

Posted: August 28, 2012 | Category: Browser Hijackers | Threat Level: 5/10
Screenshot is a fake search engine site that's used to distribute malicious software and expose you to irrelevant links for the profit of's web masters. Because is confirmed as a clone of other types fraudulent search sites that have long histories of using browser-related attacks, malware analysts strongly discourage contact with, sites that resemble or links that are promoted by in its ostensible search results. If your browser comes into contact with repeatedly through unwanted redirects,...


Posted: August 27, 2012 | Category: Trojans | Threat Level: 9/10
Further proving that even the most up-to-date security is imperfect, Dropper.MsPMs is a Trojan dropper that installs itself onto your computer by using unpatched (as of the time of this writing) Java exploits. Dropper.MsPMs is actively distributed by at least one malicious website and can be used to install other malware onto your PC, such as worms, banking Trojans or adware. Malware experts recommend keeping Java and JavaScript disabled by default to help block Dropper.MsPMs attacks, although in scenarios where this isn't practical, anti-malware products should still be...


Posted: August 27, 2012 | Category: Trojans | Threat Level: 9/10
TROJ_MORCUT.A is a Trojan that infects Windows computers. TROJ_MORCUT.A injects itself on virtual disks. TROJ_MORCUT.A can distribute more PC threats on the corrupted machine. While being installed, TROJ_MORCUT.A also downloads infected files. JAVA_AGENT.NTW enables attackers to obtain remote access and control over the infected PC. Once executed, TROJ_MORCUT.A performs malicious activities on the affected computer system.


Posted: August 27, 2012 | Category: Worms | Threat Level: 5/10
WORM_MORCUT.A is a variant of a Crisis or Morcut worm, a self-propagating PC threat with a feature set focused largely on stealing confidential information. The latest WORM_MORCUT.A attacks are indicative of initial infections being achieved through browser-based Java applets that may be loaded on harmful or compromised websites. Malware researchers also stress that WORM_MORCUT.A, unlike most PC threats, has noticeable cross-OS compatibility, and is more than capable of attacking Mac-based OSes, Windows OSes and even Virtual Machine (VM) environments. All variants of...


Posted: August 27, 2012 | Category: Trojans | Threat Level: 9/10
JAVA_AGENT.NTW is a malicious Java applet that's used to install one of two variants of the Morcut or Crisis worm, depending on the operating system of the PC being attacked. Because Crisis is capable of launching invasive spyware-based attacks that monitor keyboard input and messaging programs like Skype, malware researchers encourage you to consider JAVA_AGENT.NTW's payload a high-level threat to be removed with all due haste by appropriate anti-malware products. As a Java applet, JAVA_AGENT.NTW may launch automatically when you contact a malicious website or...


Posted: August 27, 2012 | Category: Trojans | Threat Level: 9/10
Trojan:Win32/WipMBR.A is a Trojan dropper that installs Trojan:Win32/WipMBR.B, a PC threat that causes permanent damage to Windows and prevents your PC from loading. Given the unusually destructive nature of Trojan:Win32/WipMBR.A's payload, a Trojan:Win32/WipMBR.A infection may be hard to miss, but will require you to repair your operating system before you can even begin to delete Trojan:Win32/WipMBR.A or Trojan:Win32/WipMBR.B. Therefore, malware researchers recommend that you do your utmost to prevent a Trojan:Win32/WipMBR.A infection in the first place with...


Posted: August 27, 2012 | Category: Backdoors | Threat Level: 6/10
The Hikit rootkit is a high-level threat favored by the Chinese threat group of Axiom for purposes of collecting information from highly-specified targets. With counts of individual attacks by this group at over forty-three thousand, all companies, environmental organizations and other, probable targets should use anti-malware protection to block this threat and remove the Hikit rootkit when required. Along with its semi-unique, advanced defenses, the Hikit rootkit also includes the basic functions of any backdoor Trojan, which may let third parties effectively control a compromised PC....


Posted: August 27, 2012 | Category: Trojans | Threat Level: 9/10
Win32:Small-HUF is a Trojan that's sometimes associated with e-mail spambot-based attacks – although most recent Win32:Small-HUF issues have been caused by false positives from Avast-brand security software. False positives for Win32:Small-HUF infections are distinguishable by their association with memory dump files and Virtual Machines (VMs), and can be set to be ignored without any damage coming to your PC. Because most versions of PC security software that detect false Win32:Small-HUF infections are outdated, malware researchers also recommend keeping your...