Posts Tagged ‘Trojan’

Malware Trojan HorseWhen a system compromise Trojan.Rodricter virus exploits a vulnerability CVE-2012-4681.

The company “Doctor Web” reports on the distribution of malware Trojan.Rodricter, which at breaking the system exploits a vulnerability CVE-2012-4681 in the JRE. Recall that on 26 August, the company FireEye, Atif Mushtaq announced the active exploitation of this vulnerability. The expert also noted that in the near future to exploit vulnerabilities in Java will become widely available, and the attackers are very actively using it. Total overnight company Rapid 7 introduced a module exploit platform Metasploit. This module exploits a vulnerability in JRE for the latest versions of browsers Mozilla Firefox, Internet Explorer, and Safari on platforms Linux, Windows and Macintosh. Owner of Oracle JRE took 4 days to release an update that will eliminate this vulnerability. (more…)

Virus Alert

The company “Doctor Web” – a Russian developer of IT security – informs spreading the modification of the Trojan family Trojan.Mayachok, added to Dr.Web virus database named Trojan.Mayachok.17516. Despite the fact that this threat has a certain similarity to the widespread Trojan Trojan.Mayachok.1, in its architecture and identified a number of significant differences.

Trojan.Mayachok.17516 is a shared library that is installed with the operating system using a dropper, which, being an executable, in general, decrypts and copies the library to disk. If your operating system is enabled UAC (User Accounts Control, UAC), dropper copies itself to a temporary folder named flash_player_update_1_12.exe and launched for execution.


Virus AlertTrojan.Maljava!gen23 is a heuristic detection for files attempting to exploit the Oracle Java SE CVE-2012-1723 Remote Code Execution Vulnerability.

Technical details

Systems Affected:

Windows NT, Windows XP,Windows Server 2003, Windows Server 2008,Windows Vista, Windows 7, Solaris, Mac OS X, Linux, Windows 2000

CVE References: CVE-2012-1723

Technical details

Files that are detected as Trojan.Maljava!gen23 are considered malicious. We suggest that any files you believe are incorrectly detected be submitted to Symantec Security Response. For instructions on how to do this using Scan and Deliver, read Submit Virus Samples. (more…)

McAfee logoMcAfee found a Trojan that disables antivirus software

The virus is able to deactivate the update modules of different software.

Experts from McAfee found malware that could simplify the way viruses attack, disable any anti-virus software on the system, as well as deactivating the update modules for different software.

According to the researchers, the worm spreads through the social network Facebook, as well as through a number of IM-clients, including ICQ, Skype, GTalk, Pidgin, MSN and YIM.

Attackers send messages to potential victims of alleged links to funny or interesting video. If the user will be held on the proposed web-site on his computer to automatically download and run malicious code. (more…)