Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    While testing IP addresses that had previously been known to serve Storm samples, we came across a nice surprise. Although the Storm network has not yet started to send a new wave of emails, it looks like they are in the process of setting up the sites to handle them, so expect a new wave shortly.

    As can be seen in the screenshot below, the site will be using the name Krackin v1.2, so it looks that the Laughing Pyscho Kitty Cat has been put to rest (poor thing).

    This time around the executable name is krakin.exe, but apart from the name change, all of the usual storm attributes are there. Upon execution, the victim will join the now infamous Storm P2P Network where their machine may be used for any number of criminal purposes. Not quite “The New Global Sharing Network” that the victim had been hoping for…

    Needless to say, Trend Micro proactively detects this file as WORM_NUCRYPT.GEN.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice