The tigger trojan: icky, sticky stuff
Jump to navigation
Jump to search
(Publication) Google search: [1]
| The tigger trojan: icky, sticky stuff | |
|---|---|
| Botnet | Tigger |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2009 / 24 février 2009 |
| Editor/Conference | Washington Post |
| Link | http://voices.washingtonpost.com/securityfix/2009/02/the t-i-double-guh-r trojan ic.html voices.washingtonpost.com (voices.washingtonpost.com Archive copy) |
| Author | Brian Krebs |
| Type | |
Abstract
“ iDefense analyst Michael Ligh found that Tigger appears designed to target mainly customers or employees of stock and options trading firms. Among the unusually short list of institutions specifically targeted by Tigger are E-Trade, ING Direct ShareBuilder, Vanguard, Options XPress, TD Ameritrade and Scottrade.
iDefense said the Trojan is the first known malware to exploit a specific vulnerability Microsoft patched in mid-October 2008. That flaw is what's known as a "privilege escalation" vulnerability, in that it cannot be exploited remotely, and merely allows the attacker to gain access to the almighty "administrator" account in Windows.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2009BFR1158,
editor = {Washington Post},
author = {Brian Krebs},
title = {The tigger trojan: icky, sticky stuff},
date = {Error: Invalid time.},
month = Error: Invalid time.,
year = {2009},
howpublished = {\url{http://voices.washingtonpost.com/securityfix/2009/02/the_t-i-double-guh-r_trojan_ic.html voices.washingtonpost.com}},
}