Tag Archives | java exploit

Example of How Outdated Java Allows Malware to be Installed.

So, I get a few of these a day at work from our Vipre Enterprise agents. In the example below a user on our LAN was trying to get some info on a product number (industrial equipment stuff). He loaded a website, clicked on the catalog, malware scanned his PC, saw that his Java was outdated and then proceeded to try to load Trojan.Win32.Reveton.a (v) (probably FBI ransomware). In this case Vipre Antivirus stopped the threat.

Machine: PC (10.30.11.49)
User: domain\user
Scan Date: 1/16/2013 10:10 AM
Software Version: 6.0.5481
ThreatDB Version: 15050
Policy: Default

—————–

Threat: Trojan.Win32.Reveton.a (v)
Category: Trojan
Severity: High Risk
Action: Quarantined

Traces Found:

File: C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\b16c94e-5aaef3be

—————–


Java Exploits are Everywhere, NOD Gets Trashed

Java Exploits are Everywhere

We use Vipre Enterprise here at work and I’m just amazed by the number of Java exploits it blocks per day. We have about 200 users and I bet I get around 3-5 alerts for malware-infected class files (Java files) a day. Here’s a sample I just got:

Malware Name = Trojan.Java.Agent.da (v)

Location = C:\Documents and Settings\cwest\Application Data\Sun\Java\Deployment\cache\6.0\10\2f89814a-4c2a7504|bpac\a.class

So far Vipre has quarantined every one of them.

Besides using antivirus to stop these exploits, users can go to java.com and get the latest version of Java. If you’re running the latest version of Java then these exploits are usually harmless.
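A triage sketch for alerts like the two quoted above, as an added example that is not part of the original posts or of Vipre: it parses the report text, flags traces under the Java deployment cache, and counts them per machine to show who needs a Java update. The blank-line-separated layout, the `PC2` machine, the third alert, and reading `|` as "file inside the cached archive" are assumptions.

```python
import re
from collections import Counter

# Constructed sample alerts modelled on the two reports quoted in the posts;
# PC2, its address and the third alert are invented for illustration.
SAMPLE_ALERTS = r"""
Machine: PC (10.30.11.49)
Threat: Trojan.Win32.Reveton.a (v)
File: C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\b16c94e-5aaef3be

Machine: PC2 (10.30.11.50)
Malware Name = Trojan.Java.Agent.da (v)
Location = C:\Documents and Settings\cwest\Application Data\Sun\Java\Deployment\cache\6.0\10\2f89814a-4c2a7504|bpac\a.class

Machine: PC2 (10.30.11.50)
Threat: Example.Threat (constructed)
File: C:\Users\user\Downloads\setup.exe
"""

FIELD = re.compile(r"^\s*([A-Za-z ]+?)\s*[:=]\s*(.+?)\s*$")  # "Key: value" or "Key = value"
JAVA_CACHE = re.compile(r"\\Sun\\Java\\Deployment\\cache\\", re.IGNORECASE)
ALIASES = {"malware name": "threat", "location": "file"}  # labels used in the second report

def parse_alerts(text):
    """Return one dict of lower-cased fields per alert; alerts with no trace path are skipped."""
    alerts = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            m = FIELD.match(line)
            if m:
                key = m.group(1).lower()
                fields[ALIASES.get(key, key)] = m.group(2)
        if "file" in fields:
            # Assumption: "cache-entry|inner\path" names a file inside the cached archive.
            outer, _, inner = fields["file"].partition("|")
            fields["file"], fields["member"] = outer, inner or None
            fields["java_cache"] = bool(JAVA_CACHE.search(outer))
            alerts.append(fields)
    return alerts

def machines_needing_java_update(alerts):
    """Count detections whose trace sits in the Java deployment cache, per machine."""
    return Counter(a.get("machine", "unknown") for a in alerts if a["java_cache"])

if __name__ == "__main__":
    for machine, hits in machines_needing_java_update(parse_alerts(SAMPLE_ALERTS)).items():
        print(f"{machine}: {hits} Java cache detection(s)")
```
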

NOD Gets Trashed:

Computerworld reviews NOD4 and says its interface more or less sucks and the detection rate of known malware is one of the lowest. I’ll agree with that. I installed 10 copies of Eset’s NOD 4 at an office and the client has had 4 infections in the past 6 months. I don’t like products that make me look bad. Oh well, lesson learned.

You can read Computerworld’s review of NOD here.


RM News for 1.12.11

Hi Everyone! My office move is winding down and it’s time to get back to my hobbies…my blogs (I’ve got a few others besides this one). One of my New Year’s resolutions is to post on my blogs at least 5 times a week. Yup, it’s a tall order but I should be able to handle it now.

One of the new “items” I’m implementing on this blog is a single daily post with anti-malware/malware related news items.  This single post will be updated throughout the day (as I read and deem items worthy to talk about) so you’ll have to check back to see the updated post.

…and let’s start this…

  • The United States is now the largest sender of spam. There is a really easy way to fix this: patches, antivirus and ISPs enforcing some of their rules already in place.
  • Looks like we need to continue to keep our Java updated since Java-based malware / exploits are growing as compared to where we were in 2010. When you load the Java Runtime it’ll periodically try to update itself; however, by default you need to install the update once it’s downloaded (click on the popup in the bottom right-hand corner and click install). After you update your Java Runtime it’s probably a good idea to reboot.
  • Wanna keep your Android phone malware free for free? I thought so. I’m using Lookout Mobile Security for Android. It’s a free anti-malware solution for Android that scans every app that gets installed to make sure it’s not malicious in nature. Currently the chances of actually getting Android-based malware are pretty slim, but I’m betting it’s going to explode in the next 1-2 years.
  • USB-based malware is constantly on the rise since USB flash drives are getting cheaper and more plentiful. You can protect your flash drives from becoming infected by making them read only (write protected). Read-only drives prevent USB worms from installing themselves on the flash drive. Here is a small free utility that allows you to make your USB drive read only (you can convert it back to read/write too). If you’re looking for an antivirus that protects your flash drive with AV technology then McAfee offers a solution for $19.99/year (we use this at work).