    Archive for April 14th, 2012

    In our previous blog post, we focused on the emergence of hybridized malware, in which malware arrives already infected by a file infector. In effect, two different malware families run on the infected system. In this scenario, attackers maximize system compromise by deploying two different payloads in one execution, leaving a user’s machine open to a slew of infections.

    This tactic recently resurfaced during our monitoring of Tibetan-themed malware campaigns. It came in the form of BKDR_RILER.SVR, a backdoor that arrives infected by PE_SALITY.AC.

    On a Windows system, the infection starts with a spam email that offers a Tibetan Input Method for Apple iOS 4.2.

    The email lured recipients to open two attachments:

    1. an RTF file with the file name “Tibetan Input Method for Apple iOS 4.2 devices (iPhone, iPad, iPod touch).doc” and
    2. an archive containing a file named “Tibetan Input Method for Apple iOS 4.2 devices (iPhone, iPad, iPod touch).exe.”


    Posted in Mac, Malware, Targeted Attacks | Comments Off on Tibetan-themed Campaign Pushes Hybridized Malware


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice