Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Virus alerts

Virus alerts

Chinese Data Theft via PowerPoint Vulnerability Exploit

The flaw will not be patched until August 8

By Marius Oiaga, Technology News Editor

22nd of July 2006, 10:04 GMT

Adjust text size:


Symantec warns that a Zero-day exploit of PowerPoint vulnerability allows for the compromised computers to be used in data theft attacks. A malicious PowerPoint file infects the machine with Trojan.PPDropper.C that drops
additional malware in the form of Backdoor.Bifrose.E and Trojan.Riler.F. The two Backdoor Trojans allows remote access to a potentially compromised computer.

Backdoor.Bifrose.E is a keylogger that connects to pukumalon.8800.org a free host service on a China based server. All the data recorded by the keylogger is transmitted to the remote server.

"Trojan.Riler.F is a back door Trojan horse that installs itself as a layered service provider (LSP), and allows a remote attacker to have unauthorized access to the compromised computer. It is dropped by Trojan.PPDropper.C. When Trojan.Riler.F is executed, it creates the files: "%System%SNootern.dll" and "%System%uidmngr.ini", installs the file SNootern.dll as a layered service provider (LSP) and creates the following registry subkey: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWinSock2ParametersProtocol_Catalog9," describes Symantec.

Trojan.Riler.F also connects to soswxyz.8800.org, permitting access to al data stored or trafficked through the compromised computer. Microsoft has already announced that the PowerPoint vulnerability will not be patched until August 8.


Rating:
Fair (2.8/5) 6 vote(s) so far    

Read by 1,331 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


PowerPoint Zero-day Attacks

Chinese Love Philosophy Exploits PowerPoint Flaw

Microsoft Leaves PowerPoint Flaw Unfixed

Zidane's Head But Spreads Trojan

Microsoft Patch Generates Problems

iAsk and Sogou - New Examples of Chinese Web Censorship?

SQL Injection Hacker Attacks on the Rise

Sophos Introduces Podcast over Security Issues

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive