Posts Tagged ‘Trojan.Rodricter’

Malware Trojan HorseWhen a system compromise Trojan.Rodricter virus exploits a vulnerability CVE-2012-4681.

The company “Doctor Web” reports on the distribution of malware Trojan.Rodricter, which at breaking the system exploits a vulnerability CVE-2012-4681 in the JRE. Recall that on 26 August, the company FireEye, Atif Mushtaq announced the active exploitation of this vulnerability. The expert also noted that in the near future to exploit vulnerabilities in Java will become widely available, and the attackers are very actively using it. Total overnight company Rapid 7 introduced a module exploit platform Metasploit. This module exploits a vulnerability in JRE for the latest versions of browsers Mozilla Firefox, Internet Explorer, and Safari on platforms Linux, Windows and Macintosh. Owner of Oracle JRE took 4 days to release an update that will eliminate this vulnerability. (more…)

Virus AlertTechnical information

To ensure autorun and distribution: Modifies the following registry keys:

[<HKLM> \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run] ‘uct.exe’ = ‘”% APPDATA% \ uct.exe”‘

Creates or modifies the following files:

% WINDIR% \ Tasks \ fbagent.job (more…)