Today, I got a direct email from [email protected] title with “‘bombing’ Breaking News @ Northern Chan State”. It’s zipped with WinRAR : named NamKham.rar.

Inside … namkham bombrcs.doc

The SCR file type is primarily associated with ‘Script’. In November 2007 the SCR file extension started to be used to transmit a Trojan. As a script or a screen saver this file can execute other files which carry the Trojan. The SCR file may be embedded within a ZIP file which could also contain a file with a double extension.

It’s really simple fake trojan, then i scanned and analyst it. WoW It’s fuck trojan lo.. 😀 I don’t know how many people they hacked with this kind of techniques. I don’t want to point out who they are… but I know something ‘One thing is special’…

Result are as follow:

 

Attack to PlanetCreator by Trojan

Explore More

What are the various methods of passive OS fingerprinting?

In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and

Read More

Reverse SSH Tunneling (NAT)

Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can with reverse SSH tunneling. This document will show you step by step how

Read More

What are the countermeasures against software keyloggers?

It is very hard to detect a keylogger’s activity. Hence, a Network Administrator should take the following steps as countermeasures against software keyloggers: * Actively monitor the programs running on

Read More