Hot Downloads

Hacker Tools Mean JPEG Worm Coming Soon

Written by Administrator. Posted in Security News

Jack Writes: A tool that makes it easy to craft malicious JPEG images then let them loose against vulnerable Windows PCs has appeared, security experts said Friday, leading many to believe an MSBlast-style attack may not be far in the future.
Dubbed JPGDown.a or JPGDownloader, the tool lets hackers designate a download Web site, and then builds a malformed JPEG image file that can be distributed to attack Windows machines open to the now-patched vulnerability Microsoft announced last week. When the victim views the image file -- sent as an attachment, say, to an e-mail message -- a download's begun from the site the hacker specified. Any code can be downloaded from the remote site to the compromised PC.

"This is a simple tool that makes it trivial for even unskilled attackers to author hostile JPEG files," said Ken Dunham, director of malicious code research for security intelligence firm iDefense, in an e-mail to TechWeb.

Dunham added that the tool, "significantly increases the likelihood of widespread JPEG attacks." Panda Software, meanwhile, said that the tool was a solid clue that a worm exploiting the vulnerability was "imminent."

"Given the nature of the problem, Trojans are a great threat, especially as they can go unnoticed by users but are frequently used by cyber crooks for online fraud," said Luis Corrons, the head of PandaLabs, in a statement.

One of the uses of the JPGDown.a tool would be to compromise a PC, then download a Trojan horse or other backdoor component from a remote Web site.

Dunham used the analogy of MSBlast. "The threat scene [now] is similar to that of Blast in 2003. Within a few days [last year] exploit code surfaced, and then improved exploit code, followed by a Trojan tool, Trojans, and worms.

"It's likely that Trojans and possibly worms will soon emerge in the wild now that such a tool and exploit code exists in the virus writing underground," he added.

With a worm and full-scale attack looming, users should patch vulnerable systems immediately. Windows and numerous applications are vulnerable, according to the security bulletin Microsoft released last Tuesday.



Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup