Security researchers from Trend Micro have intercepted a currently circulating malware campaign that uses the death of Kim Jong-Il as a social engineering theme.
The messages arrive with a .PDF attachment that has the file name brief_introduction_of_kim-jong-il.pdf.pdf. Upon execution, the sample drops a malicious file detected as BKDR_FYNLOS.A. The backdoor connects to its C&C server to receive and execute commands such as downloading, uploading, and executing files, terminating processes, and running shell commands.
Users are advised to ensure that they are free of client-side vulnerabilities found in third-party applications and browser plugins, as well as to exercise extra caution when opening attachments coming from unknown sources.