Exploit.SWF.CVE-2013-0634.a

Exploit.SWF.CVE-2013-0634.a Description

Type: Possibly Unwanted Program

Exploit.SWF.CVE-2013-0634.a is a malware infection that is a component of a malware attack linked to orphan Tibetan refugee children caregivers. Exploit.SWF.CVE-2013-0634.a proliferates via a hacked caregiver website, which offers support for Tibetan refugee children and are distributing backdoor Trojans signed with Winnti stolen certificates distributed with Flash exploits; the compromised website is the NGO 'Tibetan Homes Foundation'. The malevolent 'footer.swf' file is hosted at the Foundation's website. The delivered backdoors are illustrated to be signed with Winnti-stolen digital certificates, including the stolen MGAME certificate. Examples of the same stolen certs reused for the backdoors, are both the MGAME cert and the ShenZehn certs signing the backdoors. The Flash exploit+payload is found as Exploit.SWF.CVE-2013-0634.a.

Technical Information

File System Details

Exploit.SWF.CVE-2013-0634.a creates the following file(s):
# File Name Detection Count
1 footer.swf N/A

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.