Malware campaign posing as Java Update 11.jar is using Java’s high profile in light of last week s zero-day news as a social engineering technique to ensare users. The fake update is called javaupdate11.jar and contained two malicious executables, up1.exe and up2.exe. After execution, the files are connecting to a remote server that takes control of the infected systems. The update is reportedly using {BLOCKED}currencyreport.com/cybercrime-suspect-arrested/.
Source: https://threatpost.com/security-firms-warn-users-fake-java-updates-012113/77432/