• Name

  • Email

  • Company

  • Contact no.


CAPTCHA Image   Reload Image
Enter Code*:

Thank you for your enquiry, we will get back to you shortly

Latest news 16 Aug 2016 - ACA Pacific Appointed by Autodesk as Regional Value Added Distributor
Latest news 14 Jul 2016 - Progress Named a Visionary in Gartner 2016 Magic Quadrant for Mobile App Development Platforms
Latest news 10 Aug 2016 - Autodesk Industry Collections Now Available Worldwide
Latest news 10 Aug 2016 - Ten Big Reasons to Scan Wirelessly in Pharmaceuticals & Healthcare
Latest news 09 Aug 2016 - Eaton’s Expanded Series of FD85 Thread to Connect Couplings Provides Additional Sizes for Reliable Connections in Oil and Gas A
Latest news 12 Jan 2017 - ACA Pacific Technology launches Alcatel-Lucent Enterprise Solutions across Asia Pacific

Trend Micro Warning: Hacker Launched Two "Zero Day" Attack through IE's Vulnerability

Used Trojan and Backdoor to Attempt to Steal User Information. Users and Enterprises Should be Cautious.

Trend Micro (TYO: 4704;TSE: 4704), leading provider of cloud security software, detected a hacker's attacks through exploiting a software vulnerability. Hackers attacked through the vulnerability found in IE, using HTML_EXPDROP.II trojan to drop backdoors BKDR_POISON.BMN and BKDR_PLUGX.BNM. The two attacks may have compromised the user's information on the computer or device. The backdoors' server was also previously used for zero day attacks through Java related vulnerabilities. Other than the identified two backdoors, it isn't confirmed yet whether the user's device is infected with other viruses, trojans or backdoors.

Trend Micro has once again detected two attacks through IE's vulnerability, following the identification of the zero day attack on Java's vulnerability not long ago. The first attack used Trojan HTML_EXPDROP.II, and if successful, the Trojan would drop a malicious .SWF file (SWF_DROPPR.II). The .SWF file then drops a backdoor detected as BKDR_POISON.BMN. The backdoor will connect back to the server, allowing the hacker to control and steal information from the computer. The second attack uses backdoor BKDR_PLUGX.BNM — a variant of the recently discovered PlugX remote access tool (RAT), the payload of this other attack. It has been demonstrated to have significant information theft and backdoor capabilities, and is used as a component of sophisticated information theft campaigns.

Richard Sheng, senior director of Trend Micro states, "Attacking through software vulnerabilities is already a common method for hackers, as seen by the previous attacks through Adobe and Java's vulnerabilities. It is not the first time we have seen this type of attack, using a trojan to drop a backdoor. Different than regular updates, it is recommended that users edit IE's Security Settings and install appropriate information security software in order to effectively block trojans and backdoors."

Trend Micro has already provided security protection for all clients of Deep Security and IDF. Trend Micro recommends users to use programs that can proactively detect and block malicious programs and websites to be protected from similar attacks. More information please access: http://apac.trendmicro.com/apac/solutions/enterprise/security-solutions/virtualization/deep-security/

About the trojan and other details, please see the following links:

About Trend Micro
Trend Micro Incorporated (TYO: 4704;TSE: 4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud security infrastructure, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.
Additional information about Trend Micro Incorporated and the products and services are available at Trend Micro.com This Trend Micro news release and other announcements are available at http://trendmicro.mediaroom.com/ and as part of an RSS feed at http://www.trendmicro.com/rss Or follow our news on Twitter at @TrendMicro.

Link: http://apac.trendmicro.com/apac/about/news/pr/article/20120923104401.html

For more details you may contact:
TK Neo | 03-7803 4600 | tk.neo@acapacific.com.my

Product Search


Contact Us

  • ACA Pacific Technology (M) Sdn Bhd
  • + 60 (3) 7803 4600
  • + 60 (3) 7804 6017
  • Penang Office
  • + 60 (4) 619 2593
  • + 60 (4) 619 2693

Our Vendor Profile