Wed, Oct 17 2007 14:40 Don

New Storm Tactic: Krackin Software

Websense® Security Labs™ has received several reports of a new Web site that is being distributed in spam sent out by those running the Storm attacks. For more details on the Storm attack, see (http://www.websense.com/securitylabs/blog/blog.php?BlogID=141).

This site poses as a new piece of software called "Krackin v1.2" and advertises:

* Easy to install
* Auto-Virus scanning
* Mobile Source Downloading
* IP Blocking to Prevent Tracking
* Unwanted User Blocking

Users with unpatched computers are automatically exploited. Users with patched computers are prompted to download and run a file called "kracking.exe" This file contains the Storm payload code.

Sample email text:

All the new movies music and more. In one place. The Krackin network.
http://<removed

Details .. 

Filed under: