Bkdr_reload.p


 
07-13-2008

This backdoor arrives on a system as a file dropped by other malware or as a downloaded file from a malicious Web site.

It monitors the Internet Explorer activities of the affected system, specifically the address bar. If a user visits any of the monitored sites, this backdoor recreates the legitimate Web site with a spoofed login page. This routine tricks the user into giving out sensitive account-related information. It logs keystrokes entered by the user in the user name and password fields of the spoofed login page. It then closes the legitimate Web site once the backdoor recreates it.

This backdoor attempts to steal users' online banking information and saves it in the file LOGFILE1.TXT. This routine risks the exposure of the user's account information, which may then lead to the unauthorized use of the stolen data.

It then sends the data it gathers to a public email address that uses the smtp.terra.com.br domain server, using its own Simple Mail Transfer Protocol (SMTP) engine.
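
The two indicators named above, the LOGFILE1.TXT file and SMTP traffic sent to smtp.terra.com.br by the malware's own engine, can be hunted for together in endpoint telemetry. The following Python is an added example, not part of the original advisory; the CSV schema, host and process names, file path, port set and mail-client allowlist are assumptions constructed for illustration.

```python
import csv
import io

# Indicators named in the advisory text.
SMTP_HOST = "smtp.terra.com.br"
LOG_NAME = "logfile1.txt"
# Assumptions: programs expected to speak SMTP on this fleet, and SMTP ports.
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}
SMTP_PORTS = {25, 465, 587}

# Constructed sample telemetry (hypothetical schema, names and paths).
SAMPLE = """\
host,event,process,target,port
ws01,net_connect,outlook.exe,mail.corp.example,587
ws02,file_write,sample.exe,C:\\Temp\\LOGFILE1.TXT,
ws02,net_connect,sample.exe,smtp.terra.com.br,25
ws03,net_connect,iexplore.exe,www.example.org,80
ws04,net_connect,updater.exe,mx.example.net,25
"""

def triage(log_text):
    """Return {host: set(reasons)} for hosts showing the described behaviour."""
    findings = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        proc, target = row["process"].lower(), row["target"].lower()
        reasons = findings.setdefault(row["host"], set())
        if row["event"] == "file_write":
            # Match on the file name only, whatever directory it lands in.
            if target.replace("\\", "/").rsplit("/", 1)[-1] == LOG_NAME:
                reasons.add("logfile")
        elif row["event"] == "net_connect" and row["port"].isdigit():
            # A program with its own SMTP engine connects to the mail server
            # directly instead of going through an installed mail client.
            if int(row["port"]) in SMTP_PORTS and proc not in MAIL_CLIENTS:
                reasons.add("direct_smtp")
                if target == SMTP_HOST:
                    reasons.add("advisory_smtp_host")
    return {host: r for host, r in findings.items() if r}

def priority(reasons):
    # Both advisory indicators on one host outweigh either one alone.
    if {"logfile", "advisory_smtp_host"} <= reasons:
        return "high"
    if reasons & {"logfile", "advisory_smtp_host"}:
        return "medium"
    return "low"

if __name__ == "__main__":
    for host, reasons in sorted(triage(SAMPLE).items()):
        print(host, priority(reasons), sorted(reasons))
```

Hosts rated "low" show only generic direct SMTP, which legitimate software can also produce, so they are candidates for allowlist review rather than immediate response.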


