Bredolab, a Trojan virus in .pdf and .swf!





by Christophe » 21/07/09, 17:54

Attention, here is a virus that is particularly difficult to counter because it can be present in .pdf and .swf files that browsers download automatically!!

It is such a serious threat that NOD32 has issued a news release about it, which is quite rare: http://www.eset-nod32.fr/communiques.html

16/07/2009

New threat on the horizon in Europe: the Bredolab Trojan horse

- This threat has the ability to copy itself to the file system and execute on its own.
- Strong spread: this threat is classified among the 5 most widespread threats in Austria, Poland and Turkey and among the “top 10” in Bulgaria, Great Britain and Sweden.
- It is recommended not to open any unknown or suspicious file (.pdf included).


Les Pavillons-sous-Bois, July 16, 2009 - Win32/TrojanDownloader.Bredolab.AA is a newcomer to the world of computer threats. It injects itself into a PC via a flaw in Adobe applications relating to .PDF and .SWF files and via the Internet. User intervention is required for activation, e.g. by opening an infected PDF or SWF file.

This threat has the ability to copy itself to the computer's file system and to self-execute each time the system is started. Bredolab then establishes communication with a remote server via the HTTP protocol. In other words, once in place on a PC, its sole purpose is to download other malware, preferably adware, spyware, downloaders or programs capable of stealing your personal data, from different servers or from the Internet.

We also noted certain cases where Bredolab was downloaded by other downloaders from the Win32/TrojanDownloader.FakeAlert family, thus confirming its link with threats such as scareware (Rogue).

According to the June ThreatSense.Net (ESET) report, Bredolab is the most significant threat in the Czech Republic and Slovakia, while marking a strong presence in other European countries (“top 5” for Austria, Poland and Turkey, “top 10” in Bulgaria, Great Britain, Sweden, Belgium, Russia and Germany and in the top 40 threats in Ireland and France).

Finally, we must emphasize the rapid growth of Win32/TrojanDownloader.Bredolab.AA. For example, this malware has gone from the 40th to the 15th most common threat in Ireland.

Bredolab is considered to be a dangerous threat, due to its ability to download and install many other malware programs on the infected computer. It is also classified as difficult-to-remove malware, so it is recommended to remove it as soon as it is heuristically detected. As Bredolab infects a computer via .PDF or .SWF files, ESET recommends that users only open such files with extreme caution.


Source: http://www.eset-nod32.fr/public/Emailin ... 150709.htm

Forward this to your mailing ... it will make a change from the fakes and hoaxes ... :|
by Christophe » 27/08/09, 11:08

NOD32 has just found a virus in a ... .JPG!

This is also very dangerous! Even more than .pdf because it automatically opens on web pages (like .swf) ... and .JPGs are EVERYWHERE!

So take care, kids, it's not just the flu virus that can do damage :Cheesy: