Thursday, February 19, 2009

'Happy New Year' Worm Spawns Computer Zombies



Beware of e-mails near the concern find "Happy New Year!" VeriSign (Nasdaq: VRSN) be advisory that the letter may swivel aware coming up from a well-wisher but bordered by actuality contain a worm that could invade your computer and utilize it in benefaction of imply purpose.

The Happy New Year worm is someone heavily spammed at a rate of five e-mails per second resting on at lowest one hulking lattice, VeriSign iDefense Labs revealed Thursday. Multiple large network report interceptions of the foreign e-mail hazard on Dec. 28, 2006.

The worm is akin to other escape attack that guarantee researchers reported more hurriedly this month; here overnight case, it contains a wallet commitment call "postcard.exe" that user must download modish to infect their computer.

As of Wednesday, this be considered a new and largely undetected threat, according to Ken Dunham, examiner of VeriSign iDefense Intelligence Operations.

"If execute, malicious attitude variant from Tibs, Nuwar, Banwarum, and Glowa variants be install on the computer. It next perform a mass mail from an gangrenous computer," Dunham tell TechNewsWorld.

The worm turn the contrivance into a "zombie" that hang on be taken ended via far-flung broadcast software and then send large volume of spam.

VeriSign iDefense Labs perform a triage analysis of the threat and found that over a dozen code from several worm and Trojan colt ancestral be installed on computers. The worm is being daub via 160 e-mail servers.

Two rootkit files are installed in the retard, making it unacknowledged to detect infectivity because the worm rabble buried from the regulations.

A rootkit is a hacker security instrument that capture passwords and message traffic to and from computers. Rootkits can bequeath hackers a hindmost door into a system or drag both numbers on other system on a network.

"This new threat is a classic iceberg threat, where on earth multiple codes are installed and then fortified with rootkit technology," Dunham claim.

It has been a alive season for holiday malware. A Christmas-themed jigsaw baffle made the round earlier this week -- called "Christmas_Puzzle.exe," it cloak the "Ardamaz-E" Trojan, which also use rootkit technology to covering itself inside infected computers.

A PowerPoint file called "Christmas+Blessing-4.ppt" exploit a shabbiness in the Internet Explorer browser to mire malicious code on receptive Windows machines. This characteristic form the best of was inbuilt in an childish Christmas-themed PowerPoint transparency slow but confident that was circulate on the Internet in earlier times the holiday, according to security unbendable F-Secure .

"Christmas.exe" is another e-mail attachment that transform target machines into zombies, giving hackers unbroken control.

Security researchers are warning users not to uncap e-mail attachment from source they don't speck, and to allege operating systems and antivirus programs able to date.

"The extent of maximum doubt is through the New Year holiday, when antivirus lagging is the lowest for this new threat and users are most apt to click on a New Year's-related message," Dunham concluded. "Everyone should be on guardian for e-mails and other exultant potentially harboring malicious code during the holiday period."



No comments:

Post a Comment