New Email Exploit “Scan upon download” 03.08.10

The email reads:

Dear Sirs,
We have prepared a contract and added the paragraphs that you wanted to see in it. Our lawyers made alterations on the last page. If you agree with all the provisions we are ready to make the payment on Friday for the first consignment. We are enclosing the file with the prepared contract.

The email has the ZIP archive attached named, a 202 kB large file, and once extracted an executable file named Contract.exe appears.

After being clicked on and run, the following files are created:



A new process is created:


You’ve just been p0wned. Of course the hook here is the social bits. First off, the admonishment of the subject line:

“scan upon download”

Nice touch really.. As not many vendors can see this yet, I am sure this will work pretty well for the mass clickers out there.

My virus scanner said it was ok! CLICK CLICK CLICK!

Second, the whole contract angle. Now, if you are not a sir, and you know nothing of any contracts you might be receiving, why would you click on this? Mostly I think it is because people are generally curious and want to know things that they “shouldn’t” have access to. So they will click on the zip or the “contract” to get the dirt.

Human nature…

The trojan that has just been installed is named Suspicious:W32/Malware!Gemini by F-Secure or Mal/TibsPk-D by Sophos and is able to create malicious executable files on the infected system for you, the end user, to handily execute later on! YAY!

So far this was seen in the wild today at 1220 EST and only has been picked up by a scant few virus scanners. I expect there to be many more self p0wnings in the next few hours.

Here’s the hint people… If you don’t have business dealings with contracts DON’T CLICK and for heaven’s sake DO NOT CLICK ON AN EXE!


Written by Krypt3ia

2010/03/09 at 19:16

PLA officer urges challenging U.S. dominance

(Reuters) – China should build the world’s strongest military and move swiftly to topple the United States as the global “champion,” a senior Chinese PLA officer says in a new book reflecting swelling nationalist ambitions.


The call for China to abandon modesty about its global goals and “sprint to become world number one” comes from a People’s Liberation Army (PLA) Senior Colonel, Liu Mingfu, who warns that his nation’s ascent will alarm Washington, risking war despite Beijing’s hopes for a “peaceful rise.”

“China’s big goal in the 21st century is to become world number one, the top power,” Liu writes in his newly published Chinese-language book, “The China Dream.”

“If China in the 21st century cannot become world number one, cannot become the top power, then inevitably it will become a straggler that is cast aside,” writes Liu, a professor at the elite National Defense University, which trains rising officers.

Full article HERE

Why do I feel like I have suddenly found myself in the plot of “The Bear and the Dragon” by Tom Clancy? Except instead of oil and gold deposits in Siberia we are waging battle for the gold of IP in the digital void?

This is a very important piece to pay attention to though. This Colonel really does have a contingent of the populace (the younger set) who would love nothing more than to just let the “Dragon” out of the cage to wreak havoc on us. The PLA has become strong and I am sure that some of the hard liners in power think that the “Thousand Grains of sand” approach has about run out of sand.

Look at it this way:

  • Our economy is in the worst place it’s been since the Great Depression
  • Our government is completely ossified and unable to do anything
  • Our economic engine has been stalled out and outsourced
  • Our schools are turning out less and less qualified technical people
  • We are a nation divided
  • Our debt is pretty much wholly owned by China
  • We are in a three front war with terrorism
  • Our forces are overstressed and dispersed
  • We have been terrible at securing our digital infrastructure

I could go on, but this was likely ponderous enough for you all. Look, what I am saying is this guy’s right. We are easy pickins really at this moment in time. We are down on the ground and they are the Cobra Kai. And we ain’t no “Daniel San,” to mix movie cultural references.

Either way I look at it I see some real problems. I know I know, you are thinking that they (China) need us as a trading partner. Yes, yes they do. However, I do not think that they need us “that much” that they would not consider at the very least pulling the plug on us.

There is a growing contingent of ultra national followers in China and they want to be “THE” superpower… And I think that they see their chance now. What would it take to trip the switch?

A blended Cyberwar attack with physical and economic contingent.

Like they say, “May you live in interesting times.”