Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-05-26 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

A quiet day on the Internet

Published: 2004-05-26
Last Updated: 2004-05-27 02:06:20 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)
Today a report was made of a spyware package which was digitally signed. The package dropped 2 dlls on the pc called kicom.dll and kxcom.dll. A delivery method has not been identified yet.

For removal see
http://www.computing.net/security/wwwboard/forum/11496.html
or
http://securityresponse.symantec.com/avcenter/venc/data/spyware.look2me.html

This is not new, it was published in February.

And an unconfirmed report that Norton Internet Security 4.0 2002, 2003 & 2004 for Windows has added a new feature which pre-scans the inline html images prior to writing the images to the temp directory and displaying them in the web-browser. This effort is to try to identify web borne worms and viruses. The unfortunate side effect is that pages load incredibly slowly. The report stated that Verizon's page took over 3 minutes to load with the scanner and under 3 seconds without it. This could result in users disabling their firewalls which is not a good thing.

Dan Goldberg dan at madjic.net
Keywords:
0 comment(s)
Diary Archives