USNCVA - Now Read This

NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA List Master

NRT-0266 Malicious Malware Installer:

IcePack, a malicious tool for installing malware through exploits, infects computers through the following process: the application accesses a web page to which it adds an iframe reference pointing to the server where the application is installed. The main innovation in Icepack is that the tool adds the iframe, while previous applications like Mpack needed a hacker to manually access the Web pages in which to insert it. When a user visits one of these malformed pages, the iframe activates Icepack, which looks for vulnerabilities on the user's computer. If it finds one, it will download the exploit for this vulnerability to the computer. An important feature of IcePack is that it uses exploits corresponding to the most recent vulnerabilities to appear, since users are less likely to have updated their computers with the appropriate patches. Another innovation of IcePack is that it combines an FTPS checker and an iframer to exploit the information about the FTP accounts they have stolen.

(www.net-security.org 27JUL07)

Last Modified: Wednesday, 01-Aug-2007 23:49:26 EDT

NOW READ THIS ("Security Advisory")

NRT-0266 Malicious Malware Installer:

NOW READ THIS
("Security Advisory")