[情報] 新病毒出現 快裝防毒軟體吧 !!
日前 Trojan-Dropper:OSX/Revir.A 漏洞雖已被修復
但很快的Trojan-Dropper:OSX/Revir.C又出現了
MD5:7DBA3A178662E7FF904D12F260F0FFF3
The main binary
- detected as Trojan-Dropper:OSX/Revir.C .conft
- Contains an encrypted payload .confr
- contains a decoy JPG file. The first 2048 bytes
are also used as the RC4 key to decrypt the payload .cnf
- contains the filename to be used when creating the decoy file
http://goo.gl/5AERC 預防教學看看就好
http://goo.gl/YtGlR from f-secure.com
就我目前的了解這支病毒主要是攻擊jpg和pdf
這支病毒版本更新的速度還算蠻快的
還沒裝防毒和自動更新的人快裝吧有裝有安心
OSX_IMULER.C http://goo.gl/mf1eH 這支更凶還會更新
它會執行遠端惡意使用者指定的下列命令:
Take a screen shot
Update the C&C server name
List the contents of a folder and save it as /tmp/launch-0rp.dat.
Then upload the file /tmp/launch-0rp.dat.
Get the file size of a file
Download a file from a URL
Execute a command via the shell
Delete a file
Download a file and save it as /tmp/xntaskz.gz.
Decompress the downloaded file to /tmp/xntaskz.
Execute the following command:/tmp/CurlUpload -f /tmp/xntaskz
以上
--
嗨嗨每個人
我的專長:迅速解毒 當機處理 資料救援 取回帳號 系統規劃 資訊整合
系統規劃:經濟,高效能,低污染,節約能源,(降低噪音震動,電磁波,廢熱,積塵,輻射)
省空間,使用舒適感佳,溫暖的鍵盤與滑鼠 (抗手冰冷) 鄉民說收卡是為了培養EQ
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 182.235.70.42
→
03/28 11:06, , 1F
03/28 11:06, 1F
→
03/28 11:11, , 2F
03/28 11:11, 2F
→
03/28 11:12, , 3F
03/28 11:12, 3F
→
03/28 11:13, , 4F
03/28 11:13, 4F
推
03/28 11:25, , 5F
03/28 11:25, 5F
→
03/28 11:28, , 6F
03/28 11:28, 6F
推
03/28 11:28, , 7F
03/28 11:28, 7F
→
03/28 11:35, , 8F
03/28 11:35, 8F
推
03/28 11:44, , 9F
03/28 11:44, 9F
→
03/28 11:49, , 10F
03/28 11:49, 10F
→
03/28 12:13, , 11F
03/28 12:13, 11F
→
03/28 16:22, , 12F
03/28 16:22, 12F
※ 編輯: hihieveryone 來自: 182.235.70.42 (04/02 15:45)