Alerts
New Storm Tactic: Krackin Software
Date:10.17.2007
Threat Type: Malicious Web site / Malicious Code
Websense® Security Labs™ has received several reports of a new Web site that is being distributed in spam sent out by those running the Storm attacks. For more details on the Storm attack, see (http://www.websense.com/securitylabs/blog/blog.php?BlogID=141).
This site poses as a new piece of software called "Krackin v1.2" and advertises:
* Easy to install
* Auto-Virus scanning
* Mobile Source Downloading
* IP Blocking to Prevent Tracking
* Unwanted User Blocking
Users with unpatched computers are automatically exploited. Users with patched computers are prompted to download and run a file called "kracking.exe" This file contains the Storm payload code.
Sample email text:
All the new movies music and more. In one place. The Krackin network.
http://<removed>
Web site screenshot: