[情報] mac新病毒出現 快裝防毒軟體吧 !!
日前 Trojan-Dropper:OSX/Revir.A 漏洞雖已被修復
但很快的Trojan-Dropper:OSX/Revir.C又出現了
MD5:7DBA3A178662E7FF904D12F260F0FFF3
The main binary
- detected as Trojan-Dropper:OSX/Revir.C .conft
- Contains an encrypted payload .confr
- contains a decoy JPG file. The first 2048 bytes
are also used as the RC4 key to decrypt the payload .cnf
- contains the filename to be used when creating the decoy file
http://goo.gl/5AERC
http://goo.gl/YtGlR from f-secure.com
就我目前的了解這支病毒主要是攻擊jpg和pdf
這支病毒版本更新的速度還算蠻快的
還沒裝防毒和自動更新的人快裝吧有裝有安心
OSX_IMULER.C http://goo.gl/mf1eH 這支更凶還會更新
它會執行遠端惡意使用者指定的下列命令:
Take a screen shot
Update the C&C server name
List the contents of a folder and save it as /tmp/launch-0rp.dat.
Then upload the file /tmp/launch-0rp.dat.
Get the file size of a file
Download a file from a URL
Execute a command via the shell
Delete a file
Download a file and save it as /tmp/xntaskz.gz.
Decompress the downloaded file to /tmp/xntaskz.
Execute the following command:/tmp/CurlUpload -f /tmp/xntaskz
另外一提
MS12-020 這次是高風險的遠端漏洞 也是蠻新的 請windows使用者也快更新吧
以上
--
嗨嗨每個人
我的專長:迅速解毒 當機處理 資料救援 取回帳號 系統規劃 資訊整合
系統規劃:經濟,高效能,低污染,節約能源,(降低噪音震動,電磁波,廢熱,積塵,輻射)
省空間,使用舒適感佳,溫暖的鍵盤與滑鼠 (抗手冰冷) 鄉民說收卡是為了培養EQ
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 182.235.70.42
→
03/28 13:22, , 1F
03/28 13:22, 1F
→
03/28 14:19, , 2F
03/28 14:19, 2F
→
03/29 00:08, , 3F
03/29 00:08, 3F
→
03/29 02:49, , 4F
03/29 02:49, 4F
※ 編輯: hihieveryone 來自: 182.235.70.42 (03/31 14:30)