Computer Security Research - McAfee Avert Labs Blog

Nuwar starts ‘Krackin’

Wednesday October 17, 2007 at 8:48 am CST
Posted by Dirk Kollberg

The latest trick Nuwar (aka Storm) plays looks like this:

Screenshot of Webserver

Like previous variants, the HTML page contains a script that attempts to execute the malicious file hosted on the webserver. However even if this exploit code gets blocked by AV software or not executed at all because of security settings in the browser - the user still has the option to click on the download button and infect their machine.

McAfee VSE8 Alert

Make sure you’re protected so you do not join the Storm network!

This entry was posted on Wednesday, October 17th, 2007 at 8:48 am and is filed under Bot and BotNet Research, Exploit Research, Malware Research, Web and Internet Safety. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Nuwar starts ‘Krackin’

Leave a Reply

Archives

Categories