Malware

Exploit:Win32/Pdfjsc.AIK

Exploit:Win32/Pdfjsc.AIK is a Trojan that propagates as a malicious PDF file exploiting a vulnerability in Adobe Acrobat and Adobe Reader (CVE-2010-0188). The vulnerability permits Exploit:Win32/Pdfjsc.AIK to drop and run arbitrary files. Adobe Acrobat and Adobe Reader earlier than 8.2.1 and Adobe Acrobat and Adobe Reader earlier than 9.3.1 are vulnerable to Exploit:Win32/Pdfjsc.AIK. Exploit:Win32/Pdfjsc.AIK proliferates via hijacked websites and spam email attachments. If Exploit:Win32/Pdfjsc.AIK successfully exploits a PC, it may cause the Adobe application to crash, or it may download and install arbitrary files, which may be detected as other malware threats. Exploit:Win32/Pdfjsc.AIK also contacts a particular website for malicious purposes….

Posted by ESGI Advisor in Malware | No Comments »

Exp/20124681-C

Exp/20124681-C is malicious Java code that is a component of a DDoS (distributed denial-of-service) attack against Brian Krebs’s blog. Exp/20124681-C attacks Internet users who have an old Java version installed on their PCs. Exp/20124681-C exploits the Java vulnerability (CVE-2012-4681) to access the targeted computer. If installed successfully, Exp/20124681-C can result in a number of other exploits on the infected computer. Exp/20124681-C mainly proliferates via dangerous websites. If the computer system runs an exposed version of Java and the website is able to exploit it, Exp/20124681-C may be distributed onto the affected PC….

Posted by Domesticus in Malware | No Comments »

HackTool:Win32/Patch.B

HackTool:Win32/Patch.B is a malware threat that uses JavaScript-based tricks to spread itself to targeted PCs. HackTool:Win32/Patch.B allows cybercriminals to insert HackTool:Win32/Patch.B onto the affected computer through hijacked legitimate websites, for instance, via an advertisement that hides irritating JavaScript diversions. HackTool:Win32/Patch.B blocks access to email and particular websites, but its payload is not limited to a particular task or a set of tasks whatsoever….

Posted by Domesticus in Malware | No Comments »

Mal/VBCheMan-A

Mal/VBCheMan-A is a malware threat that has the tendency to load executable files on a computer where the initial malware infection may run in the background. Mal/VBCheMan-A is also known to produce outbound traffic and download other malware files from the internet. A system infected by Mal/VBCheMan-A may suffer from reduced performance and limited internet or network access. The registry is also manipulated by Mal/VBCheMan-A to add bogus entries….

Posted by ZulaZuza in Malware | No Comments »

JS/Redir.BP

JS/Redir.BP is a malicious infection that is known for redirecting web browsers to unwanted sites potentially leading to the download and installation of additional malware. JS/Redir.BP is able to execute through a script and then run in the background without alerting the computer user of its presence. Removal of JS/Redir.BP may require utilizing an updated antispyware tool to safely detect and eliminate all related malware files on an infected computer….

Posted by LoneStar in Malware | No Comments »

Fake Windows Firewall

A fake Windows Firewall will often appear in the event of a rogue security program infection. These are malware threats that disguise themselves as legitimate security programs. As part of their attack, they will often replace the real Windows Firewall with their own fake Windows Firewall. This is part of a con game designed to rob money from novice computer users. These kinds of fake security applications tend to use highly realistic messages and tactics to fool computer users into believing that they are actually the real thing. If fake Windows Firewall seems to have been activated on your computer, this is usually a clue that your machine has been compromised by a rogue security program. It is important to ignore all recommendations and messages from the fake security program responsible for the fake Windows Firewall and instead remove the fake Windows Firewall with a reliable…

Posted by ESGI Advisor in Malware | No Comments »

Exploit:Java/CVE-2013-0431

Exploit:Java/CVE-2013-0431 is a malicious Java application that is distributed via compromised websites and attacks PCs using a vulnerable version of Java. Exploit:Java/CVE-2013-0431 is malicious code that uses a vulnerability (CVE-2013-0431) to download and install other malware infections onto the affected computer system. Exploit:Java/CVE-2013-0431 is encountered in the course of Internet surfing, while the malware infections it distributes, if already downloaded, betray the vulnerability on the host machine….

Posted by Domesticus in Malware | No Comments »

Mutter

Mutter is a malware threat that is used in a spear-phishing attack. Mutter is spread via spam email messages containing infected documents that try to fool recipients into clicking on the file, which would distribute the Mutter malware. One of the documents is an article about Pakistan’s unmanned aerial vehicle industry written by Aditi Malhotra, an Indian writer and associate fellow at the Centre for Land Warfare Studies in New Delhi. When downloaded, the Mutter malware opens a backdoor on the compromised PCs in order to receive commands from C&C servers and to transfer stolen information. To evade detection, Mutter is able to stay dormant for long periods of time so that it will finally be classified as safe by security programs….

Posted by Domesticus in Malware | No Comments »

TorRAT Malware

The TorRAT malware is a remote access Trojan that is commonly associated with attacks on financial institutions. Like other remote access Trojans, the TorRAT malware is specifically designed to allow a third party to gain access to a computer from a remote location without the computer user’s authorization. A recent wave of attacks spreads TorRAT malware infections through malicious links on Twitter. According to reports received from affected computer users, hijacked Twitter accounts are used to share links that lead to attack websites that attempt to inject TorRAT malware into the victim’s computer. If you have reason to believe that your machine has been exposed to the TorRAT malware, ESG security researchers strongly advise using an authentic anti-malware program to analyze your PC.

ESG malware researchers have dealt with the TorRAT malware…

Posted by ZulaZuza in Malware | No Comments »

Exploit.Java.CVE-2013-0422.z

Exploit.Java.CVE-2013-0422.z is a Java exploit that proliferates via a hacked website that hosts and advertises a malicious Java applet exploiting the CVE-2013-0422 vulnerability. The malicious Java application, Exploit.Java.CVE-2013-0422.z, circulates via the harmful website called ‘minjok.com’, which is a news website published in Korean and English, covering mainly political events around the Korean peninsula, and is now closed. The website that spreads Exploit.Java.CVE-2013-0422.z has been hijacked, and cybercriminals embedded a single line in the code of a page showing the latest news about Korea. This line of code caused a visitor’s Internet browser to drop and run the harmful Java applet called Exploit.Java.CVE-2013-0422.z, which is hosted on the website. If exploited successfully, a damaging executable is added to the hacked PC and executed without the victim’s…

Posted by GoldSparrow in Malware | No Comments »

Copyright 2003-2012. Enigma Software Group USA, LLC. All Rights Reserved.