New Virus Detected by Trend Micro
Abaut Trend Micro / Image License Wikimedia Commons |
ABOUT TREND MICRO - VIRUS DETECTED
In the period from 21 January to 20 February this year, anti-virus firm Trend Micro reported 3185 new samples of malicious code, of which 1711 are products of samples sent in real time.
In a monthly report, indicated that in the 30 days preceding the 2236 reporting period were documented and stresses that virus detection figures have grown gradually since December 2004. He mentions that in the referred period faced 12 newly discovered vulnerabilities that allow code execution, unauthorized access and disclosure of private information.
Of these vulnerabilities, accurate, eight are considered critical, three important and one was classified as moderate.
Notes that of the specimens, the irruptions of WORM.BAGLE.AZ, WORM_BROPIA.F and had the highest MYDOOM.BB triggered alerts.
He reports that late last January was declared the first alert WORM.BAGLE.AZ 2005 when he appeared, a new variant of the Bagle family, which like its predecessors is a generator of spam you get the addresses in files with certain extensions.
Trend Micro explains that the characteristics of this virus is not enticing filenames used and its rapid spread is due to using false names in the sender, which makes users think that comes from a known source.
WORM-BAGLE.AZ also ends some antivirus and download a file from various websites and additionally compromise the security of the system by opening TCP port 181 to listen for connections from malicious remote users.
Meanwhile, abundant, WORM_BROPIA.F detected on January 20 and which have been discovered 12 variants, is not the first malware that spreads by sending copies of itself directly to the contacts in MSN Messenger, very efficient method to propagate .
According to the report of Trend Micro, this virus is sent to the few connected to MSN Messenger and uses attractive file names for copies it sends and expects that recipients ejecturarán and contaminate the file without knowing their systems.
He mentions that a peculiarity of BROPIA.F is that it installs a worm robot much more damaging: WORM_AGOBOT.AJC, originally leaving spreads copies of itself in shared network drives and run compromises system security by installing a backdoor that allows remote users virtual access to the system.
Indicates that the warning issued to control the spread of WORM_BROPIA.F is the first in history to be released by a worm that spreads by sending copies of itself directly by a system of instant messaging.
In February and after six months of absence in the alerts, a variant of WORM_MYDOOM.M, WORM_MYDOOM.BB, like most of his family, is a spam generator sending copies as an attachment in messages posing as failure notification in email delivery.
Stresses that MYDOOM.BB infections spread from the addresses of their victims through the infected system, but also by programming search engines known online as well as Netsky and Bagle, is considered one of the largest generators of spam.
Another virus that appeared was the Trojan TROJ_SPYWIN.A designed for financial gain and the first launches an attack against Windows antispyware program to locate and disable it and try to delete your files after stealing information related to banking websites electronics.
Trend Micro also produces other less dangerous malicious code as WORM_KIPIS.C, which like WORM_KIPIS.E, searching through attachments and sugary sweet phrases and suggestive names, infect users' computers.
In this case is WORM_AHKER.C, which invites you to download an alleged adult video famous person.
But anti-virus firm also emphasizes the fact that malicious code found in the Messaging Application mode for carrying worms and other malicious programs.
Trend Micro unveils that in the given period met three notable worms for instant messaging applications use ICQ, MSN Messenger and AOL Instant Messenger (AIM) as WORM_VAMPIRE.A that spreads all contacts in the book addresses off ICQ.
The same type is WORM_AIMDES.A that usao AOL messenger and sends a copy of itself to all contacts available from the infected user's account, but unlike others of this type, also sends a message trying to trick recipients on the origin of the file.
Similarly, he adds, the worm robot WORM_SDBOT.APA recorded more than 100 000 infections in less than 30 days, which ranked first in attacks during the referred period and displacing WORM_NETSKY.P the second site.
To ensure teams irreversible effects, Trend Micro reminds users to regularly check the existence of patches issued by Microsoft, and set the system settings according to the recommendations of experts.
Comentarios