Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

well this dose spy but i figure its important

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts
View previous topic :: View next topic  
Author Message
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Mon Jan 26, 2004 10:30 am    Post subject: well this dose spy but i figure its important Reply with quote

Viruses pack triple threat


Robert Lemos
CNET News.com
January 19, 2004, 11:10 GMT


Tell us your opinion

Virus writers are merging spam, phishing and Trojan programs to develop more complex attacks on the unwary


Virus writers are going beyond "click to infect" programs by merging a trio of techniques to bypass security and compromise computers with malicious code.





Antivirus companies point to the increase in downloader programs in email as part of the trend toward more-complex attacks. These tiny Trojan horses are being used in combination with viral programs and Web site hosting to dupe PC owners and bypass security software.


The latest example of this approach uses a Trojan horse dubbed Downloader-GN. When run, the less-than-3,000-byte program downloads the Mimail.p virus to the victim's computer from a Web site in Russia. That virus then attempts to convince the user to type in personal and financial information, a technique known as "phishing."


The method is complicated and not all that original. Other viruses have attempted to upload other programs from Web sites to augment their abilities, and small download programs are also common. However, antivirus companies say that using all three together is a trend, and that some PC users have taken the bait.


"There is a huge population that recognises these spammings are false, but there is a small population that falls for it," said Craig Schmugar, a virus research manager for security software maker Network Associates.


Downloader-GN was sent out in a bulk emailing two days ago with an accompanying message that claimed to be from online payment company PayPal, according to security software companies. The fraudulent email claimed that PayPal would add 10 percent to the account value of any customer who filled out a form accessed by running the attachment, named Paypal.exe.


"Registration is simple," stated the message. "Just unpack the attachment with WinZip, run the application, and follow the instructions we have provided."


When run, the Downloader program will download a program from a Russian Web site and run it. Antivirus companies identified the program as a variant of the Mimail virus. The program could be changed, but the Web site has currently been taken down by the Internet service provider, said Schmugar.


PayPal is a common target of phishing scams and has posted advice online to tell customers how to avoid becoming a victim. Customers of eBay, Amazon.com, Microsoft and banks are also popular targets of such scams.


Even a small number of successes can make such schemes worth the effort for the virus writer.


"Just like spammers, the malicious coders can make enough money to make it worth their while, if only a small percentage of folks actually fall for the ruse," said a statement from Chris Belthoff, a senior security analyst at antivirus company Sophos. "For those that do, the bad guys can completely drain their bank accounts."


Blocking any executable attachments can protect corporate users, and personal firewalls can give warning when an unauthorised program tries to download a file from the Internet. Moreover, PC users should be cautious of trusting any unsolicited email, Belthoff said.


"Reputable companies do not send out files in this way, and users should think twice before they click on unsolicited email messages," he said.




i figure this rates as news as it dose afect every one and though its slightly a worse menace than spyware figured i should pass this on suzi if i,m far over stepping my bounds please let me know. Smile
Back to top
View user's profile Send private message Send e-mail Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 15 Apr 2014
Posts: 10310
Location: sunny California

PostPosted: Mon Jan 26, 2004 5:32 pm    Post subject: good info. Reply with quote

This is good info Dave. I created a new forum for virus warnings and updates. Idea
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Mon Jan 26, 2004 9:42 pm    Post subject: Reply with quote

thank you suzi now even i have something i can do here!!!!!!!!!!!!!!!!!!!!!! Surprised Very Happy Smile Shocked
Back to top
View user's profile Send private message Send e-mail Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 15 Apr 2014
Posts: 10310
Location: sunny California

PostPosted: Fri Jan 30, 2004 6:09 pm    Post subject: Reply with quote

Ok, Dave! You are hereby given the job of keeping us up to date on viruses! Thanks!!! Cool
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Fri Jan 30, 2004 7:54 pm    Post subject: todays viruses! list Reply with quote

Today's roundup of virus alerts:

W32/SdBot-DC - A backdoor Trojan that spreads via exploiting
weakly protected network shares. The virus logs onto an IRC
server to allow an attacker access to the infected machine.
(Sophos)

W32/Dumaru-K - An e-mail worm that steals passwords and installs
a download for installing other malicious code on the infected
machine. The virus spreads via an e-mail titled "Important
information for you. Read it immediately !" with an attachment
called "myphoto.zip". (Sophos)

W32/Mimail-Q - A worm that harvests e-mail addresses from an
infected machine. The virus installs a fake Web page that tries
to capture credit card information from unsuspecting users.
(Sophos)

W32/Mimail-S - Another Mimail variant that is very similar to
Mimail-Q. (Sophos)

VBS/Inor-C - This Visual Basic script drops other Trojan Horse
applications on the infected machine. (Sophos)

Troj/Stawin-A - This virus attempts to steal banking information
that is entered at various financial institutions' Web sites. It
spreads via e-mail with a subject of "I still love you <random
characters>" and an attachment called "message.zip". (Sophos)
**********

_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group