    TrendLabs Security Intelligence Blog

    Archive for April 14th, 2012




    In our previous blog post, we focused on the emergence of hybridized malware, in which malware arrives already infected by a file infector. In effect, two different malware families run on the infected system. In this scenario, attackers maximize system compromise by deploying two different payloads in one execution, leaving a user’s machine open to a slew of infections.

    This tactic recently re-surfaced during our monitoring of Tibetan-leveraging malware campaigns. It came in the form of BKDR_RILER.SVR, a backdoor that arrives infected by PE_SALITY.AC.

    On a Windows system, the infection starts with a spam email that offers a Tibetan Input Method for Apple iOS 4.2:

    The email lured recipients to open two attachments:

    1. an RTF file with the file name “Tibetan Input Method for Apple iOS 4.2 devices (iPhone, iPad, iPod touch).doc” and
    2. an archive containing a file named “Tibetan Input Method for Apple iOS 4.2 devices (iPhone, iPad, iPod touch).exe.”
