Cybercriminals exploiting the death of Kim Jong-Il

Security researchers from TrendMicro, have intercepted a currently circulating malware campaign, using the death of Kim Jong-Il as a social engineering theme.

Security researchers from TrendMicro, have intercepted a currently circulating malware campaign, using the death of Kim Jong-Il as a social engineering heme.

The messages arrive with a .PDF attachment that has the file name brief_introduction_of_kim-jong-il.pdf.pdf. Upon execution, the sample drops a malicious file detected as BKDR_FYNLOS.A. The backdoor connects to its C&C server to receive and execute commands such as downloading,uploading, and executing of files, terminating processes, and performing shell commands.

The sample also exploits the following Adobe Reader and Acrobat vulnerabilities - CVE-2010-2883CVE 2011-0611.

Users are advised to ensure that they are free of client-side vulnerabilities found in third-party applications and browser plugins, as well as to exercise extra caution when opening attachments coming from unknown sources.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All