Recently, we have observed a new backdoor family which we've called
BLYPT. This family is called BLYPT because of its use of binary
large objects (blob) stored in the registry, as well as encryption.
Currently, this backdoor is installed using Java exploits; either
drive-by downloads or compromised web sites may be used to deliver
these exploits to user systems. Our research shows that the servers
behind these attacks are mainly centered in Romania and Turkey.
Currently, this threat is primarily hitting users in the United
States; however, it seems that consumers (as opposed to businesses)
are the most affected.
via [1]BLYPT: A New Backdoor Family Installed via Java Exploit |
Security Intelligence Blog | Trend Micro.
__________________________________________________________________
My original entry is here: [2]BLYPT: A New Backdoor Family Installed
via Java Exploit | Security Intelligence Blog | Trend Micro. It was
posted Mon, 23 Sep 2013 16:20:45 +0000.
Filed under: InfoSec, java, malware, vulnerability
References
1. http://blog.trendmicro.com/trendlabs-security-intelligence/blypt-a-new-backdoor-family-installed-via-java-exploit/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29
2. https://www.prjorgensen.com/2013/09/23/blypt-a-new-backdoor-family-installed-via-java-exploit-security-intelligence-blog-trend-micro/