Threat Level: green Handler on Duty: Richard Porter

SANS ISC: InfoSec Handlers Diary Blog - Zeus/Citadel variant causing issues in the Netherlands InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Zeus/Citadel variant causing issues in the Netherlands

Published: 2012-08-09
Last Updated: 2012-08-09 10:20:41 UTC
by Mark Hofman (Version: 1)
1 comment(s)

According to some new sources (thanks Alexander) a trojan is doing the rounds in the Netherlands at the moment causing major issues within organisations.

The web sites http://webwereld.nl/nieuws/111424/nieuwe-trojan-grijpt-wild-om-zich-heen-in-nederland.html and http://nos.nl/artikel/404668-computervirus-treft-ook-venlo.html (both in Dutch) report that a trojan is affecting a number of organisations.  According to the article the trojan affects already Zeus infected machines.  Fox-it has an analysis here http://blog.fox-it.com/2012/08/09/xdoccryptdorifel-document-encrypting-and-network-spreading-virus/ and some of the original information can be found here http://www.damnthoseproblems.com/?lang=en

According to the analysis the malware encrypts files which will be a problem for those without proper backups. 

If you have samples feel free to upload them to our contact form (ziped up with a password of infected please).

Mark

 

1 comment(s)
Diary Archives