« REVIEW: Nokia E90 Communicator
RANT: Corralling The Cowboy Operators »

Weekly Report On Viruses & Intruders

According to data gathered at Panda Security’s the Infected or Not Web site, the NaviPromo adware has been the most active malicious code this week.

Adware is annoying malware designed to show unwanted advertising while we browse the Net. Some adware can, of course, also spy on our surfing habits. This type of malware occupies nine spots in the top ten most prevalent malicious codes this week. The only exception is the Virtumonde spyware, which takes second place.

Top 10:

  1. Adware/NaviPromo
  2. Spyware/Virtumonde
  3. Adware/OnlineAddon
  4. Adware/VideoAddon
  5. Adware/SecurityError
  6. Adware/Zango
  7. Adware/Lop
  8. Adware/PurityScan
  9. Adware/SaveNow
  10. Adware/Gator

Keylogger.DB exploits a vulnerability in Access, Microsoft’s Access database application. This Trojan is designed to capture key strokes so that it can get any information entered by the user on Web pages.

The Banker.KTG Trojan spreads by using social engineering techniques.In this case, the bait is a link to a video that users receive via e-mail. If you try to play the video, a message is displayed informing you that you need to download a video codec to view it. However if you do it, you will actually be downloading a copy of the Nabload.DCH Trojan onto your computer.

Banker.KTG is designed to steal information entered through virtual keyboards, one the security measures implemented by many online banks. This Trojan spreads in a similar way to Orkut.AT, a Trojan which uses the Orkut social network to reach victims.

The MonaRona.A Trojan also uses social engineering techniques to spread, in this case, by offering users the possibility of downloading the Unigray application. Once it has reached the computer, the Trojan displays a warning message identifying itself as a virus that has been created to protest against human right violation. This malware has been designed to carry out malicious actions like disabling the Task Manager or end processes belonging to certain applications.

Finally, a number of junk e-mails announcing Fidel Castro’s death have been used to distribute the FakeDeath.A worm. This e-mail contain a link to a video. If you click the link, you will become infected. The worm downloads multiple copies of itself to P2P application shared folders and creates a key in the Registry Windows to ensure it is run every time the system is started up.

castro_1.jpg

This entry was posted on March 7, 2008 at 7:28 pm and is filed under Staying safe . You can follow any responses to this entry through the RSS 2.0 feed You can leave a response, or trackback from your own site.

2 Responses to “Weekly Report On Viruses & Intruders”

  1. Windows Vista Tools Says:
    March 19, 2008 at 9:34 am

    Adware Alert - No Spyware

    I suggest you to take a free scan and remove dangerous spyware and adware from your computer. Even if you think your computer is clean, you should scan and you will be surprised.

  2. chopperarris Says:
    March 20, 2008 at 9:43 am

    Apart from the obvious company plug, you’re absolutely right.

Leave a Reply