Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Security Response

Showing posts tagged with Sykipot remove filter
Backdoor.Sykipot At Work
Symantec Security Response | 11 Mar 2010 | 0 comments

Following our blog, Zero-Day Attack on IE6 – JS.Sykipot Doesn’t Spare Retired Software, covering the recent IE Zero-day, we thought it might be interesting to look at an attack in the wild using this vulnerability and the resulting payload.

In what is thought to be a targeted attack, the targets were duped into visiting the site Topix21century.com, which was recently registered on March 6, 2010. Once the site is visited and the target is exploited using JS.Sykipot, they find themselves with Backdoor.Sykipot installed on their system....

Read more
Zero-Day Attack on IE6 – JS.Sykipot Doesn’t Spare Retired Software
Andrea Lelli | 10 Mar 2010 | 0 comments

Internet Explorer 6 may have taken its path to retirement but it still remains a good target for exploits, as we can see from JS.Sykipot. This zero-day was found on March 8th and it exploits a vulnerability in some Internet Explorer versions (CVE-2010-0806 , BID 38615) that can lead to remote code execution. Upon successful exploitation, JS.Sykipot will download and run Backdoor.Sykipot, which is a back door capable of communicating with its control server to receive and run several commands.

In my tests, the exploit worked successfully on IE6...

Read more

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,898