Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: 2nd generation WMF 0day Exploit Spammed - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
2nd generation WMF 0day Exploit Spammed
According to F-Secure's blog today, the 2nd generation WMF exploit has been spammed and "When the HappyNewYear.jpg hits the hard drive and is accessed (file opened, folder viewed, file indexed by Google Desktop), it executes and downloads a Bifrose backdoor (detected by us as Backdoor.Win32.Bifrose.kt) from www[dot]ritztours.com."

Trend Micro is calling it TROJ_NASCENE.H
Tom

160 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!