Dwnldr-CJC Trojan
Outbreak Date: 03-18-2009
Fake Email: Tatiane
Outbreak Filters Protects Users Hours Before AV Solutions
Summary
IronPort's Virus Outbreak Filters again protects customers within the critical period between the first exploit of a virus outbreak and the release of an AV signature. During the recent "Downloader-CJC" Trojan outbreak, Virus Outbreak Filters protected customers 48 hours and 55 minutes* before the first major anti-virus vendor provided protection.
Outbreak Details
On March 18th, 2009, a targeted attack was sent to users in Brazil. The email subject line was: "Tatiane" The message, written in Portuguese, claims that a webcard is available for 5 days and asks the user to click the link to see the card. The link instead refers to a malicious executable file that runs and infects the victim's system with a banking Trojan.
The Trojan is designed to intercept network traffic and steal bank details of the infected system, such as the user name, password and account details of the bank.
Virus Outbreak Timeline
48 hours 55 minutes additional protection from first AV vendor.
*Vendor signature times per AV-Test. Signature times from the following vendors: Sophos, Trend Micro, Symantec and McAfee. Generic signatures not included.
