Threat Level: green Handler on Duty: Russ McRee

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Haxdoor.KI Deja Vu

Published: 2006-08-26
Last Updated: 2006-08-26 17:24:47 UTC
by Patrick Nolan (Version: 1)
0 comment(s)
F-Secure has updated their description of Haxdoor.KI to note "The skyinet.info website (located in Russia) that the backdoor connects to, is now offering a URL that points to a file named samki.exe. This file contains a nasty payload that damages Windows beyond repair. This file can be downloaded and launched by a hacker to destroy all infected computers when time comes." . Their original blog alert info is here.
Keywords:
0 comment(s)
Diary Archives