1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Japan Quake Email Spam Leads To Java Exploits

Discussion in 'Security Updates' started by starbuck, Mar 21, 2011.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Security researchers from Kaspersky Lab warn that the wave of spam emails taking advantage of the disaster in Japan continues with a new campaign that leads users to Java exploits.

    The latest spam run claims to link to a news article about the quake being the costliest disaster in the world's history.

    However, Kaspersky Lab's Nicolas Brulez warns that the links lead to Java-based exploits that use the OpenConnection method to download malware.

    The exploits are detected by Kaspersky's products as Downloader.Java.OpenConnection.dn and Downloader.Java.OpenConnection.do, and drop a malicious VBS script file.

    The VBS's purpose is to download and install even more malicious applications on the infected computers, adware in particular.

    "Once infected, the computer starts displaying localized ads," the researcher notes, but points out that "on one successful infection, we counted as many as five malicious executables being run, one DLL being registered as a service, and a lot of task scheduler job files being created."

    Java OpenConnection-based malware has become very prevalent in recent months and variants of such threats are constantly showing up at the top of monthly attack statistics released by antivirus vendors.

    It's also a well known fact that cyber criminals are exploiting major news, especially those about natural disasters and tragedies, to spread malware.

    Because of this, people are strongly encouraged to get their news only from reputable sources and discard any unsolicited emails claiming to lead to news stories.

    Keeping popular software like Java, Adobe Reader, Adobe Flash Player, and the operating system itself up to date can help prevent a lot of attacks, while using an updated and capable antivirus solution at all times is equally important.

    Other attacks capitalizing on the Japan earthquake include relief scams, poisoned search results and social networking worms.


    Source:
    http:/ ews.softpedia.com ews/Japan-Quake-Email-Spam-Leads-to-Java-Exploits-190512.shtml
     
    starbuck, Mar 21, 2011
    #1

Share This Page