Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Cybercriminals are actively taking advantage of another vulnerability, this time in Microsoft Office Excel. This is the third threat in less than two weeks that featured exploits. Exploit codes on IE7 and PDF bugs were discovered last week and earlier this week respectively.

    Microsoft acknowledges the Excel vulnerability in a recent bulletin. The software giant says that it is now investigating the case.

    A malicious binary detected by Trend Micro as TROJ_MDROPPER.XR is found exploiting this said Excel bug in the wild . The Trojan arrives on systems as a specially-crafted Excel file, through spammed messages or via remote malicious websites. Its routines are triggered when it is opened by unknowing users.

    TROJ_MDROPPER.XR drops and executes BKDR_AGENT.FAX, which in turn executes at every system startup. The backdoor connects to websites to send and receive information. It also gives cybercriminals almost the same user rights as the infected local user by opening a random port and enabling a remote user to execute the following commands:

    • delete files
    • download files from a specified remote site
    • execute a specified file/program
    • kill process
    • list drives
    • list file in the system
    • open command shell
    • sleep for a specified amount of time
    • upload files to a specified remote site

    The Trend Micro Smart Protection Network already prevents TROJ_MDROPPER.XR and BKDR_AGENT.FAX from running in systems. It also provides solutions for the removal of these malware. Malicious websites are also already blocked.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice