
According to Alex Gostev, Kaspersky Lab’s chief security expert, “The Flashback and the SabPub Trojans are totally different. SabPub is classic backdoor Trojan, so it opens full access to a victim’s system for attackers. Flashback and its known variants is downloader and clickjacing bot, which means it conducts click fraud scam by highjacking people’s search engine results inside their web browsers.”
This latest malware has all thecapability to spread to more computers compared to Flashback Trojan.
According to Gostev in February SabPub Trojan was exploiting a MS word vulnerability, fixed long time back. SabPub’s latest version uses Java exploit to distribute infection in more effective way as the Java exploit is delivered through a drive by download when users click on malware infected URL through email.”
He also noted that SabPub is also used to attack specific targets and said, “It would seem that the attackers have an extremely select list of victims that is not very large.”
0 comments:
Post a Comment