December 29, 2010

Virus named Java Downloader

TrojanDownloader:Java/OpenConnection.IT is the detection for a malicious Java applet that attempts to download and execute files from a remote web site. It often works in conjunction with Exploit:Java/CVE-2010-0094, which exploits a vulnerability in the Java Runtime Environment (JRE).

Java is important software, but people often do not read what they are shown completely or look at the source of the file. Once the system is infected, this Trojan allows attackers to bypass applet sandbox restrictions and gain read and write access to the local file system. Once this is done, it goes ahead and does the following automatically:
  • Download a file from a remote Web site
  • Save the downloaded file as %TEMP%\<random number>.exe
  • Run the downloaded file
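A defender can hunt for the save-and-run behaviour listed above in process-creation logs. The following is an added example, not code from the original post: the `time|host|parent|image` log format, the sample lines, the Java parent-process names and the way `<random number>` renders in the file name are all assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumption: the applet runs inside one of these Java processes,
# so the dropped file is started with that process as its parent.
JAVA_PARENTS = {"java.exe", "javaw.exe", "jp2launcher.exe"}
# Assumption: "<random number>" renders as digits, optionally signed or decimal.
NUMERIC_STEM = re.compile(r"^-?\d+(\.\d+)?$")

# Constructed sample events (not real telemetry): time|host|parent|image
SAMPLE_EVENTS = r"""
2010-12-29T10:02:11|WS01|C:\Program Files\Java\jre6\bin\java.exe|C:\DOCUME~1\alice\LOCALS~1\Temp\83920174.exe
2010-12-29T10:05:40|WS01|C:\WINDOWS\explorer.exe|C:\Program Files\Mozilla Firefox\firefox.exe
2010-12-29T10:07:02|WS02|C:\WINDOWS\explorer.exe|C:\Users\bob\AppData\Local\Temp\7714.exe
2010-12-29T10:09:30|WS03|C:\Program Files\Java\jre6\bin\javaw.exe|C:\Users\carol\AppData\Local\Temp\setup_helper.exe
this line is malformed and is skipped
"""

def is_numeric_temp_exe(image_path):
    """True for an .exe with a purely numeric name directly inside a Temp folder."""
    p = PureWindowsPath(image_path)
    return (p.suffix.lower() == ".exe"
            and NUMERIC_STEM.match(p.stem) is not None
            and p.parent.name.lower() == "temp")

def find_suspects(log_text):
    """Return (time, host, image, severity) for each matching process start."""
    hits = []
    for line in log_text.splitlines():
        fields = line.strip().split("|")
        if len(fields) != 4:
            continue  # blank or malformed line
        ts, host, parent, image = fields
        if not is_numeric_temp_exe(image):
            continue
        # A Java parent matches the described behaviour closely; any other
        # parent is still worth a look, at lower priority.
        parent_name = PureWindowsPath(parent).name.lower()
        severity = "high" if parent_name in JAVA_PARENTS else "medium"
        hits.append((ts, host, image, severity))
    return hits

if __name__ == "__main__":
    for hit in find_suspects(SAMPLE_EVENTS):
        print(hit)
```

Installers also unpack numerically named files into Temp from time to time, so treat a "medium" hit as a lead to triage rather than a confirmed infection.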

Preventing this threat: 

The only thing this threat exploits is the Java software, so keep the software from this vendor up to date. Also keep track of the following to make sure it is not affecting your system:
  1. Anti-Virus definitions are updated
  2. Firewall is turned on
  3. Get the latest computer updates for all your installed software
  4. Limit user privileges on the computer
  5. Be cautious when opening attachments and accepting file transfers
  6. Be cautious when clicking links on web pages
  7. Pirated software should not be used
  8. Protect yourself against social engineering attacks
  9. Strong passwords should be used.

This threat works along the lines of Exploit:Java/CVE-2010-0094. This vulnerability allows an unsigned Java applet to gain elevated privileges and potentially have access to a host system without any restriction, outside its "sandbox" environment. It also exploits a flaw in the deserialization of RMI ConnectionImpl objects, which allows remote attackers to call, without proper sandboxing, system-level Java functions via the ClassLoader of a constructor that is being deserialized.


