Wed, Oct 17 2007 14:40
New Storm Tactic: Krackin Software
Websense® Security Labs™ has received
several reports of a new Web site that is being distributed in spam
sent out by those running the Storm attacks. For more details on the
Storm attack, see (http://www.websense.com/securitylabs/blog/blog.php?BlogID=141).
This site poses as a new piece of software called "Krackin v1.2" and advertises:
* Easy to install
* Auto-Virus scanning
* Mobile Source Downloading
* IP Blocking to Prevent Tracking
* Unwanted User Blocking
Users with unpatched computers are
automatically exploited. Users with patched computers are prompted to
download and run a file called "kracking.exe" This file contains the
Storm payload code.
Sample email text:
All the new movies music and more. In one place. The Krackin network.
Filed under: Alerts