A New Wave of Mebroot

The latest malware threats from across the security forums

Moderators: Admin Team, Moderators

User avatar
Spudz
Posts: 1856
Joined: Mon Jul 20, 2009 4:35 am
Area Of Expertise: General guidance and advice
experience: Not only can I turn PC on, I know most of its functions too
PC time: Alot more than I should
Location: Kent, UK
Contact:

A New Wave of Mebroot

Postby Spudz » Wed Dec 09, 2009 7:47 pm

A New Wave of Mebroot
Andrea Lelli
December 9th, 2009

A peak of new infections of Trojan.Mebroot has been found in the wild and after some investigation the data shows that there is a new wave of Mebroot Trojans being distributed through a popular exploit pack. The binary executables are using a newer packer to avoid detection from antivirus products.

Mebroot has been around for some time; apart from updating their packer, the most interesting thing about this infection is how Mebroot gets itself onto your machine in the first place. I had a glance at the network capture and the intrusion seems to be coming from Java:


Continues at Symantec Security Blog
Spam - Uninteresting garbage quickly deleted.
Spammer - A parasitic worm intent on creating internet misery.

Image

Return to “Latest Malware Threats”

Who is online

Users browsing this forum: No registered users and 1 guest