Man your virus scanners!
Tech Info For Trojan JS.Offiz
Dat Fan Newbie
Payload Trigger: n/a
Payload: n/a
Large scale e-mailing: n/a
Deletes files: n/a
Modifies files: n/a
Degrades performance: n/a
Causes system instability: Every time an infected browser gets closed, it opens up six more with the same characteristics.
Releases confidential info: n/a
Compromises security settings: n/a
-----
When JS.Offiz is executed, it performs the following actions:

Opens a specified .swf file, which moves around the screen.

Traps the Alt, F4, Ctrl, and Del keys so that the user cannot close the browser using standard keyboard commands. When any of these keys is pressed, the script will generate the following message:

If the user closes the browser using the mouse, the script will open six other browsers with the same characteristics.
-----
We Recommend

Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have fewer avenues of attack and you have fewer services to maintain through patch updates.

If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.

Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.

Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.

Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.

Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.

Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
----
Special Thanks: Virus Control: Field Crew. Eric Komar Network Solutions.
----
Virus Control
For more info on this virus: viruscontrol[at]gmail[dot]com
_________________ Eric
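The mail-server recommendation in the post above (block or remove .vbs, .bat, .exe, .pif and .scr attachments), worked through as an added example that is not part of the original post or of any mail product. It uses Python's standard `email` package; the function names and the sample message are constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions listed in the post's recommendation.
BLOCKED_EXTENSIONS = {".vbs", ".bat", ".exe", ".pif", ".scr"}

def blocked_name(filename):
    """True when the final extension of an attachment name is on the block list."""
    # Windows ignores trailing dots and spaces, so "run.bat." is still a .bat file.
    name = filename.strip().rstrip(". ").lower()
    return os.path.splitext(name)[1] in BLOCKED_EXTENSIONS

def _clean(part, removed):
    """Drop blocked children of a multipart container, recursing into nested parts."""
    if not part.is_multipart():
        return
    kept = []
    for child in part.get_payload():
        name = child.get_filename()  # also decodes RFC 2231 encoded names
        if name and blocked_name(name):
            removed.append(name)
            continue
        _clean(child, removed)
        kept.append(child)
    part.set_payload(kept)

def strip_blocked(raw_bytes):
    """Parse a raw message; return (cleaned message, names of removed attachments)."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    removed = []
    _clean(msg, removed)
    return msg, removed

def build_sample():
    """Constructed test message: one harmless and two blocked attachments."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for name in ("invoice.pdf.exe", "notes.txt", "photo.SCR"):
        msg.add_attachment(b"sample bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    cleaned, removed = strip_blocked(build_sample())
    print("removed:", removed)
```

The check looks only at the last extension, so a double extension such as `invoice.pdf.exe` is caught, while a blocked file inside an archive is not.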
Re: Tech Info For Trojan JS.Offiz
The Internet King
That's one nasty virus. Thanks for the info. I have a few questions though. Do you really get infected by the virus just by viewing the thread that contains the signature!? Doesn't phpBB block scripts and even HTML from operating on the page!? And what forum software was this infected forum with a link to Dat Phan Online using?
This forum brought to you by Discount Merchant, Your Electronic Superstore, www.discount-merchant.com
Forum managed by Eddie Phanichkul/WI Media, an MI Technologies, Inc. Company
Powered by phpBB © 2001-2004 phpBB Group