Researchers Warn About Fake Java Patch and Shylock Skype Malware

Two new types of attacks are threatening many computer users.


You Can't Detect What You Can't See: Illuminating the Entire Kill Chain

Security researchers are warning PC users to beware of two new malware attacks. Hackers have released a fake Java patch that is really part of a ransomware campaign, and the banking Trojan known as Shylock is now spreading via Skype.

"Beware any Java security update that you don't download directly from Oracle's website," wrote InformationWeek's Mathew J. Schwartz. "That warning comes via antivirus firm Trend Micro, which has spotted a new ransomware campaign using malware that's packaged to resemble Java 7 update 11. The real update was released Sunday by Oracle as an emergency fix for two zero-day vulnerabilities in Java -- including CVE-2012-3174 -- that are being actively exploited by attackers."

Computerworld's Jeremy Kirk noted, "Hackers often disguise their malware as a legitimate software update in the hope of confusing IT staff. Interestingly in this case, the fake update doesn't actually exploit the vulnerabilities that Oracle patched on Sunday, [Trend Micro's Paul] Pajares wrote. The user is tricked into downloading a different piece of malware."

ITWorld's Lucian Constantin reported, "The Shylock home banking malware has been updated with new functionality that allows it to spread automatically using the popular Skype Voice-over-IP (VoIP) and instant messaging client. Shylock, named after a character from Shakespeare's The Merchant of Venice, is a Trojan program discovered in 2011 that steals online banking credentials and other financial information from infected computers."

InfoSecurity quoted CSIS researcher Peter Kruse, who wrote, “When analyzed, during an investigation, we noticed that Shylock is now capable of spreading using the popular Voice over IP service and software application, Skype. This allows the malicious Trojan-banker to infect more hosts and continue to be a prevalent threat. Also, the timing does not seem completely coincidental as Microsoft just recently announced that they are discontinuing their Messenger solution and replacing it with Skype.”

Tags: Java, malware, Skype, trojan, attacks, ransomware

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.