© Visus IT Ltd 2005

Finjan

Security Testing Center - Level One Test

Direct Download Executable Test

What This Test Does:
This test downloads the game Tetris onto your computer and creates a new folder on your Windows Desktop directory named "You Have Been Hacked!" Copies of several of your personal files are placed in this folder.

How It Does It:
The user is asked to confirm the download of an exe file onto their system. When the user selects "open", the Tetris game starts to play. What the user doesn't realize is that a folder called "You Have Been Hacked" has also been added to the desktop, containing personal files and a recording made by the computer's microphone over the last several seconds.

System Requirements:
Windows platform.

Entry Point:
Either through the web or as an attachment in an e-mail or through instant messaging.

Danger:
While this relies on the user confirming the download of an executable file, this type of exploit can be very successful. Executable files can be used to:

  • Implant Trojan horses
  • Steal passwords
  • Reformat your hard disk
  • Log keystrokes into files

Actual Exploits:
SoBig
MyDoom (disguised the EXE with double extensions)

How to Uninstall:
Delete the "You've Been Hacked" folder from your desktop. It contains only copies of files. No damage will be done to your computer or your data.

Delete the EXE file. It's called Finjan_Exe_Demo.exe. If you selected to save the file when the test began, the file will be located in the directory you selected. If you selected to open the file when the test began, the file will be saved in your temporary internet file directory. Go to Internet Explorer, Tools, Internet Options, General, Settings, View Objects. Then right click on Finjan_Exe_Demo and select Remove.

How Vital Security Protects You:
Three of Finjan's Vital Security Products can provide proactive defense against this type of attack:

  • Vital Security for Web: By analyzing the behavior of active content, Vital Security for Web ensures that damaging exploits are stopped before they enter your network.
  • Vital Security for E-Mail: By analyzing attachments by more than just their extension, Vital Security for E-Mail ensures that harmful attachments won't be sent to users' inboxes.
  • Vital Security for Clients: By analyzing what calls an application makes to your operating system, Vital Security for Clients ensures that executables can't perform damaging operations.
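
To illustrate what checking an attachment "by more than just its extension" can look like, the following Python sketch flags double-extension names (the disguise noted for MyDoom above) and files whose content is a Windows PE image regardless of the name they carry. It is an added example, not Finjan's product logic; the extension lists, function names and sample files are assumptions constructed for the illustration.

```python
import os

# Extensions Windows will execute directly (constructed, non-exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
# Extensions users tend to trust as documents or media (constructed list).
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".zip", ".htm"}


def is_pe_image(data: bytes) -> bool:
    """True if the bytes start with a DOS 'MZ' header that points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    pe_offset = int.from_bytes(data[0x3C:0x40], "little")  # e_lfanew field
    return data[pe_offset:pe_offset + 4] == b"PE\x00\x00"


def inspect_attachment(filename: str, data: bytes) -> list[str]:
    """Return the reasons an attachment should be held for review (empty = none)."""
    reasons = []
    name = filename.strip().lower()
    stem, last_ext = os.path.splitext(name)
    # rstrip() so space padding between the two extensions does not hide the inner one
    _, inner_ext = os.path.splitext(stem.rstrip())
    if last_ext in EXECUTABLE_EXTS:
        reasons.append("executable-extension")
        if inner_ext in DECOY_EXTS:
            reasons.append("double-extension")
    if is_pe_image(data):
        mismatch = last_ext not in EXECUTABLE_EXTS
        reasons.append("pe-content-mismatched-extension" if mismatch else "pe-content")
    return reasons


def make_pe_stub() -> bytes:
    """Constructed sample: bytes carrying MZ and PE signatures (not a runnable program)."""
    header = bytearray(0x40)
    header[:2] = b"MZ"
    header[0x3C:0x40] = (0x40).to_bytes(4, "little")
    return bytes(header) + b"PE\x00\x00"


if __name__ == "__main__":
    samples = {  # constructed file names and contents
        "report.doc.exe": make_pe_stub(),
        "holiday.jpg": make_pe_stub(),
        "notes.txt": b"plain text body",
    }
    for fname, body in samples.items():
        print(fname, inspect_attachment(fname, body))
```

The content check catches an executable renamed to a harmless-looking extension, which a filter keyed only on the file name would pass.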

It is strongly recommended to save the test file to your computer before opening.
