myITforum.com
Welcome to myITforum.com Sign in | Join | Help
in Search
Site Home Home Bloggers List Blogs Photos Downloads

Harry Waldron - My IT Forums Blog

Sharing Security Developments, and Best Practices for corporate and home users

Agent.BRK - Avoid attachment BSAVER.ZIP

This is shared due to prevelance, as another major seeding of a new Agent downloader/rootkit variant has taken place.  These may be showing up in our spam filters or in-boxes soon

Agent.BRK - Avoid attachment BSAVER.ZIP
http://www.f-secure.com/weblog/archives/archive-072007.html#00001236
http://www.f-secure.com/v-descs/trojan-downloader_w32_agent_brk.shtml

quote:

Trojan-Downloader:W32/Agent.BRK attempts to download and install other malware onto the affected system. The file is replaced with a copy of Rootkit.Win32.Agent.dp Furthermore, Trojan-Downloader:W32/Agent.BRK launches an instance of Microsoft Internet Explorer as a hidden process with its code injected into the process.  This time the e-mail attachment is named as bsaver.zip.

Published Jul 27 2007, 02:33 PM by hwaldron

Comments

No Comments

This Blog

Syndication
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems