Home Malware Programs Viruses W32/Cridex.A

W32/Cridex.A

Posted: November 18, 2011

Threat Metric

Threat Level: 8/10
Infected PCs: 62
First Seen: November 18, 2011
Last Seen: June 12, 2022
OS(es) Affected: Windows

W32/Cridex.A is a malicious virus that is a part of a spam Delta Airlines itineraries email that is created to attract users to click on the inserted malicious web-links. The bogus email uses a URL redirection to an infected website that takes advantage of the Adobe Flash Exploit - CVE-2011-0611 and Java Plugin LaunchJNLP DocBase Exploit - CVE-2010-3552 to be able to download and run a binary file from the URL "hxxp://uk?.com/w.php?f=21&e=8". The algorithm of the exploit is used in this campaign is the same as the exploit used in NACHA payment scam. The Java script on the destination page is built on the fly from the data included on the same page. W32/Cridex.A can steal your sensitive financial information such email and online banking credentials. If you receive a phony email form Delta Airlines, do click a link and run the file because you infect your computer system with W32/Cridex.A.

Loading...