Jeber’s

Virginia Tech trojan

Trend Micro’s blog posted this warning today:

A new Web Threat reportedly capitalizing on the recent Virginia Tech tragedy is spreading in the wild. Trend Micro detects this malware as TROJ_BANLOAD.CFU. It arrives as an attachment from a spammed email message. Once the recipient opens this attachment, the Trojan executes and directly connects to the Web page http://{BLOCKED}sting.pop.com.br/glx/vaca/index.jpg where the following image is then displayed:

TROJ_BANLOAD_CFU_img1.gif

This Trojan then proceeds to download two other malware detected as TROJ_GENERIC and information thief TSPY_BANKER.HHW from the following Web pages, respectively:

* http://85.10.{BLOCKED}.71/Carteiro/Z3r0_C0rp2.exe
* http://{BLOCKED}sting.pop.com.br/glx/vaca/FANIVIDEOS_BBB7.scr

In addition, it terminates a number of processes mostly related to security applications to make its detection on the affected system more difficult. Users are advised to be cautious in opening forwarded email or messages from untrusted sources that pertain to the Virginia Tech shooting incident.

http://blog.trendmicro.com/cruel-intentions/

Weemee

Oliver kicks back

 
In two short months, Oliver has adapted to his new home admirably. He already has a favorite chair and a favorite blanket. It doesn’t appear he finds KPBS mentally stimulating.