Cybercriminals exploiting the death of Kim Jong-Il


Security researchers from TrendMicro have intercepted a currently circulating malware campaign that uses the death of Kim Jong-Il as a social engineering theme.

The messages arrive with a .PDF attachment named brief_introduction_of_kim-jong-il.pdf.pdf. Upon execution, the sample drops a malicious file detected as BKDR_FYNLOS.A. The backdoor connects to its C&C server to receive and execute commands such as downloading, uploading, and executing files, terminating processes, and performing shell commands.

The sample also exploits the following Adobe Reader and Acrobat vulnerabilities: CVE-2010-2883 and CVE-2011-0611.

Users are advised to ensure that they are free of client-side vulnerabilities found in third-party applications and browser plugins, as well as to exercise extra caution when opening attachments coming from unknown sources.
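One way a mail gateway or triage script could flag the doubled-extension attachment name described above (an added example, not code from TrendMicro or the original article; the watched-extension list, the sample message and its addresses are constructed assumptions):

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Constructed, non-exhaustive list of extensions worth flagging when stacked.
WATCHED = {".pdf", ".doc", ".xls", ".zip", ".exe", ".scr"}

def stacked_extensions(filename):
    """Return the trailing run of watched extensions, e.g. ['.pdf', '.pdf']."""
    suffixes = [s.lower() for s in PurePosixPath(filename.strip()).suffixes]
    run = []
    for suffix in reversed(suffixes):
        if suffix not in WATCHED:
            break
        run.insert(0, suffix)
    return run

def flag_attachments(raw_message):
    """Return (filename, extensions) for attachments ending in 2+ watched extensions."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename()  # decodes RFC 2231 / folded parameters
        if not name:
            continue
        run = stacked_extensions(name)
        if len(run) >= 2:
            hits.append((name, run))
    return hits

def build_sample():
    """Constructed test message: one doubled-extension name, one benign name."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("See attached.")
    for name in ("brief_introduction_of_kim-jong-il.pdf.pdf", "quarterly.report.v2.pdf"):
        msg.add_attachment(b"placeholder bytes", maintype="application",
                           subtype="pdf", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, run in flag_attachments(build_sample()):
        print(f"suspicious attachment name: {name} ({''.join(run)})")
```

A hit on the file name is only a triage signal; patching Adobe Reader and Acrobat against the two CVEs listed above remains the actual mitigation.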


Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.


Talkback

1 comment
  • I couldn't think of a more apt way to send ...

    ... that loony megalomaniac off.

    " ... executing of files, terminating processes, and performing shell commands. "

    That sounds oddly like something from the Manifesto he probably wrote while in power.

    ... you'll find no sympathy here.

    (n.b. ZDNet staffers are truly deluded if they believe anyone will want to eagerly follow up on one of the worst, tyrannical dictators, in the world, in the last 30 years.)
    thx-1138_