Saint_Michael
Apr 15 2007, 07:32 PM
To think the Microsoft ANI exploit and the botnet things were bad but this just top the charts, this new variation of the Storm virus of last year gets a new powerful punch. The virus gets sent through a password protected zip fil in which the password is contain in a image file in the email. The email subject contains either Worm Alert!" or "Trojan Detected! so do not open and just delete it. Also the image file will read something like UrgentNotice.gif" or "AbuseReport.gif. and the zip file will read something like "patch-####.zip" or "removal-####.zip.". McAfee states that this virus requires some interaction in order ot be trigger, because the email stats that your computer is infected and that you must run this patch or a removal tool in order to be protected. They do mention people are still falling for it. In fact 20,000 computers alone got affected on thursday alone and they expect more to be affected as the days and weeks go by. Here is the technical talk about this worm QUOTE Ken Dunham, director of the rapid response team at VeriSign iDefense, offered some technical insight into the latest Storm variant. For starters, it includes antisecurity measures to hinder analysis. E-mails are randomized with different filenames, different passwords, and different binaries within the ZIP file -- all to evade detection.
"Once executed the worm installs a rootkit on the system (wincom32.sys) and communicates over a private peer-to-peer network to update itself," Dunham said. "It is highly likely that this latest attack will result in many more downloads, pump and dump attacks, and more as seen with former Storm Worm attacks to date."
In essence, the infected computer becomes a zombie machine on a botnet that can be used to send out spam that will launch new attacks. It can also open the door for additional malware to be installed on the victim's system. That that is just plain scary right their on the fact that this new version can escape the anti virus software detection, and soem security research even mention that anti-virus software is no longer adaquate to prectect users especially if people are still fallen for the same old tactics when a virus comes out. Right now their are no known patches or updates to prect people so be on the look out for this bad boy. SOURCES HereHere
Comment/Reply (w/o sign-up)
X_X
Apr 16 2007, 10:15 PM
Saint_Michael
Aug 3 2007, 04:07 PM
Well it seems the Storm Worm has become a rather nasty customer recently, the worm has created a botnet of almost 2 million computers and almost 500 million emails that connect to the worm have been tracked. However, what's got the security people are worried about is the possibility of a large scale DOS attack, and from they mention since there are enough computers a small country's computer network could get shutdown. So far or small DOS attacks have been associated with this worm, so far the only suggestions that have come up is make sure your expecting emails with attachments and all that good stuff, block P2P networking since it seems do it's best damage(infection) that way. So I would say to the members here to be extra precaution in your activities concerning all that fun stuff  . SOURCE Here
Comment/Reply (w/o sign-up)
Saint_Michael
Aug 23 2007, 03:08 PM
It seems the Storm Worm has gotten a bit more smarter as it keeps on morphing and trapping more people as the authors are changing the way the emails are being sent out. QUOTE Dmitry Gryaznov, a researcher with McAfee's Avert Labs, reported in a blog entry over the weekend that the malware authors were putting aside some of their e-card schemes for the old trick of luring people to open an e-mail by promising them nude or pornographic pictures. Gryaznov pointed out that the e-mails tend to have blank subject lines.
Then the authors quickly changed tactics again -- this time sending out e-mails that either invite the user to join various clubs or talk about services, like online dating sites, that the user supposedly signed up for.
Johannes Ullrich, CTO of the Internet Storm Center, has been posting rolling advisories on the site's diary, warning users about the changing attacks. He noted the phony e-mails inviting people to join a club can look legitimate since they contain fake account numbers and temporary passwords and login IDs. "I have seen about a dozen different ones so far," wrote Ullrich. "They are all 'confirmations' in this style to various Web sites. The Web page offers again an 'applet.exe' for download." So basically if you want to keep your computer zombie bot free really look at emails that your friends sent or you don't know who the person is. Of course people are smart enough to not open up spam that say you won a thousands dollars. By the looks of it, the security teams have so far not broken the worm to either patch or finally disable it, so watch your email accounts more carefully. SOURCE HereHere
Comment/Reply (w/o sign-up)
odomike
Sep 13 2007, 02:06 PM
Thanks for the warning Mike. Gotta be more careful with 'em emails now.
Comment/Reply (w/o sign-up)
Similar Topics
Keywords : virus, called, storm, worm, w32, nuwar, mm, winzip, rar, warned
- Virus Help
Can't get this sucker out (9)
Microsoft To Provide Free Anti-virus Software
(10) **waits for everyone to stop laughing so hard** That is my reaction as well know when it comes to
security and Microsoft they know as much as I do and that is sad and as for the headlines about
their anti-virus program, code name Morro to be a threat to everyone else, unlikely. If it is
anything like Windows Defender then I am glad there are better alternatives out there such as AVG to
at least provide some protection and the simple fact that it most likely will be running some sort
of windows files I doubt it will take long for someone to crack it open and start provi....
Worm_fujack 2
(0) Just recently, I won the virus lottery. I am connected to a very large network right now which has
several terabytes of shared files. The only real problem with this arrangement is that it leaves me
very open to attack from viruses and worms. I got win antivirus 2008 recently, and now I got worm
fujack 2. How can one man get two system destroying viruses in such a short amount of time? Just
lucky, I guess. The worm has several effects: It will plant itself in your system32\drivers folder
as spoclsv.exe It writes itself to your registry as "Svcshare" = "%System%\drive....
How Many Virus' Have You Managed To Install
(5) I've only ever to my knowledge and my antivirus' knowlegde downloaded and ran 1 virus, I
thought that people who regurlarly seem to download them should be kept far far from a computer, as
far as possible I'm not talking tracking cookies i mean full blown virus' because people
seem to say it like its a normal thing, sorry i downloaded a virus on my pc. it really shocked me.
So i am asking how many times have you infected your computer. and what steps did you take to get
rid of it, i used widows restore, the best antivirus of all!!!....
Iexplore.exe
is a virus i think (20) i already tried looking this up on the internet but to no avail since most of the literature there
seems to be outdated. A lot of the literature i read after googling "iexplore.exe virus" says that
it can be a virus if it's not run from the C:\Program Files\Internet Explorer\ folder.
What's happening to my system is that iexplore.exe runs from that folder however, it does so
when internet explorer is not actually running! Furthermore, i have a new process running in my
processes list, rundll32.exe. I know this for a fact because I actually committed to memor....
Got A Virus Thru Msn! Im Miserable
newest msn virus (8) ok, so a few days ago I was away from msn and when i got back i had a message from a friend on
msn..it was a link that said somthing along the lines of "hey is this really you" and listed my
email address..I clicked on the link stupidly and when i did that I got a window that said "run or
save" i didn't click on either of those, I actually restarted my laptop, but since i did that,
every time i log on I get that run/save message popping up. I am unable to fully use msn on my
computer. I cannot receive webcams and my msn is freezing frequently. /mad.gif" style="verti....
Virus Thru Msn Messenger
Instant message supposedly thru my daughter... (6) I clicked on a fake instant message from my daughter 4 months ago. Clicked on a link that was
supposed to take me to a site to find out if anyone has blocked me. Daughter & I just talked the
week before & discussed whether my son was blocking me. I'm in a computer nightmare. Damn
virus, or whatever has taken over my pc.. Administrative rights.....won't let me install my new
printer...won't allow me to reinstall windows, pc shuts down during process. How do I get my
life back?....
Best Anti-virus Program? [closed For Redundancy]
(4) I want to lnow which one is the best anti-virus program because i'm having serious problems
regarding all these viruses and spywares.So i want to know which is the best one around which i
should use....
Pop-up Virus / Trojan Problem
Constant pop-up, won't go away (11) Hi Guys, Lately I have had this same annoying pop-up dialog box pop up that says: QUOTE NOTICE:
If your computer has been running slower than normal, it may be infected with Viruses, Adware, or
Spyware. Adwareremover2007 will perform a quick and completely FREE scan of your system for
malicious programs. Download AdwareRemover2007 for FREE now! I have scanned it with Avira
AntiVirus and ad-aware2007. They both returned infected files, which i deleted, but i still have the
pop-ups. Any ideas?....
Virus Alert In My Computer
(4) Hi I think I have a spyware infection. The symptoms are as follows: "Windows Antivirus" message
screen keeps on popping up from an icon on the task bar announcing that windows has detected spyware
and suggesting downloading of antispyware. Occasionally another "Windows security Alert" window also
pops up warning that the system is making copies of system files, etc. I am also unable to access
control panel. Can somebody help ? /biggrin.gif" style="vertical-align:middle" emoid=":D"
border="0" alt="biggrin.gif" />....
[question]best Virus Protector
(4) Well I get a lot of viruses, and I must ask: What is the very best 'free' virus protection
software? I have McAfee and Avira AntiVir, but I was just wondering if there was better.....
*** Virus Alert *** Important ***
*** DO NOT TOUCH THESE LINKS *** (20) Sources have warned that the following links, or similar, should not be "touched" or linked to.
Your Anti-virus will issue a severe warning if you click to these links. It would appear that the
common element is the filename in the link which follows the web protocol h t t p. h {double t} p
{colon} //xxthebestxx.hut2.ru/ r57.txt h {double t} p {colon} //www.hdcs.org.np/ r57.txt
h {double t} p {colon} (a file on your account) %20script:void(0) h {double t} p {colon}
//turkey.dnsdc9.com/~activ7/ r57.txt h {double t} p {colon} //turkey.dnsdc9.co....
New Virus
(13) There's a new virus nowadays that attacks computers via Skype. If you have it - it's
possible that you'd get an email FROM ONE OF YOUR CONTACTS with a message: "Have you seen the
last pix of >? {URL}". Thus the virus spreads across your contacts, and then, if you click on the
link - your computer will be infected. Beware - the epidemic only started a few days ago. If you
get that message from someone you know - ask a person, if they really sent it (a bot would not have
a logical answer ready for that). Take care, abminara.....
Skype Worm Jumps To Icq And Msn
(3) Well if you all remember a few months back I made a topic about the skype worm here , well it seems
to have busted out two clones one for ICQ and for MSN. the new variation showed up sometime at the
beginning of the week for these two networks and if memory serves me correctly and it usually does,
these two messenger networks are huge. Now in order for this worm to be activated a user must click
on a link and once they do that the worm will start sending messages to your contact list and get
others to click on that link as well. Although security experts rate this ....
Does This Sound Like A Virus?
computer meltdown (17) Hi you've probably been asked this about 50 million times, but i'm gonna ask! i bought a
computer off my dads friends and when i got it it started getting windows boxes up saying that the
computer was at risk. they popped up continuously at 2 min intervals. This then stopped. i have my
ntl firewall and security check this used to pop up when starting up but it doesn't do it any
more. Its then started to connect its self to the internet to a web page that just has 21600 on it.
if u shut it down it may pop up again later. At the weekend its starting to loose ....
Prank Phone Virus That Can Kills Sends Pakistan Mobile Users Into Hysteria
(1) Although not a big secuirty risk more like something interesting about what human mind viruses can
do ot a person once they recieve a message. On friday pretty much all hell broke loose in Pakistan
when people start recieving, hear, readying about a message that a Virus sen through a mobile phone
will kill people and so every mobile user in Pakinstan went into a craze and cllaed their providers
to see whats going on. The message alos mention that 20 people have died so far, of course they
make mention about the movie "The Ring" in which once a person watched this kil....
Security Firm Kaspersky Lab Creates Ipod Virus
(1) With the flood of news coming about the .ani exploits it seems the tech world is recieve more news
about new hacks, viruses and other bad stuff these days. Today Kaspersky Lab created a virus that
is able to affect the Ipod, however, it is only affecting Ipod's that have linux installed and
not the standard OS that comes with Ipod. The virus goes by the name of Podloso, although they say
it doesn't show a current threat this virus does show the possiblity to install malware into
devices such as the Ipod. They also mention that the virus does not copy it self....
New Virus Masking As Ie7 Download
(5) Yesterday it was reported that their a new virus masking as a IE7 download using a very creative
looking email message with a link instead of a attachment. Name of the virus is called
Virus.Win32.Grum.A,, they mention that their hasn't been much damage cause by this however,
since they mention that instead of the download being attach they are providing a link. So once a
person clicks that link the virus will kick in. Their hasn't been any reports about what the
virus payload is, they do mention that it usually carries a keylogger program. Funny enough this v....
How Do I Completely Remove Trojan Viruses
anti-virus put them in virus vault (36) I have AVG anti-virus on my PC, and a few weeks back it found a trojan virus on my pc. It put it
into the virus vault but could not heal it. How do I completly remove a trojan virus? Or even can
I? Do I have to download specific software to remove it, or is there some more complexe way of
going in to the system?....
Spyware / Virus Removal Help Needed
(11) Hey guys all of a sudden in the last two days my computer has just been attacked by all types of
malicous software! and im not even kidding when almost instantly it went from running with out a
hitch to so much slow down and so many pop ups i had to run avg. 648 virus and trojans! All deleted
or moved to the vault, thought i was out of the woods than i ran adaware 202 Critical and malicous
objects I deleted them then i ran adaware again got over a hundred bad things again after the
restart and then ran adaware as well and after deleting over 1000 bad things I was still ....
Alcra D Worm
PLEASE HELP (10) I have the Alcra D worm which starts up limewire and disables regedit and other things. If anyone
knows how to get rid of this tell me. PLEASE. I have adaware, but it never seems to find it. I cant
use ctrl alt delete and limewire slows my computer down because it opens non stop. SO PLEASE HELP. I
have tried other things, but they never seem to work. I found a program for the type B worm, but it
dosnt work for D i tried. Any info on this post back. If you use limewire and it keeps opening this
is what you have by the way. And i love how limwire's FAQ says you have a ....
Is It A Virus Or Just Error ?
(9) Hi . Dear buddies now a days I’m have a very strange problem and I’m not able to understand
whats is the reason behind this problem and how I solve this problem. I am using “ ACDSEE 6.0 “ .
Yesterday I was “ Croping “ mine pictures in “ ACDSEE” then when I select the “ Croping Area” , I
received a error that “ ACDSEE has encountered an error and now will close “ /ph34r.gif"
style="vertical-align:middle" emoid=":ph34r:" border="0" alt="ph34r.gif" /> And when I trried again
to crop the same picture the same thing happened . Moreover , when I tried to view the sam....
Your Help Is Needed
dam virus or spyware damaged my pc help (6) Wup i just finished sweeping my pc with spysweeper, cause a spyware totally infected my pc, the
damm thing disabled my wallaper, i could only change a color, plus damaged norton, change my home
page, and installed a spysherrif program that was supposed to removed the spyware, of course you
need to buy it, plus installed a thing that every3 minutes show me a message in the minitray(righ
down corner), like if it was from windows, that tells me that my pc is infected. SpySweeper
apparently removed all the thing, but i still cant change my wallpaper, someone please hellp ....
Kama Sutra Virus
(6) At the request of an employer, I was sent to research this virus. Lo and behold, google helped
alot. But from what i found, it's a year old. It took it's effect back in 2005, and fron
what I read, was pretty much squashed from all the publicity it got. Can anyone comment on this?
Is it still around? My employer won't go online due to irrational fears, until I tell him
otherwise.....
Sony Virus
sony xcp software on cds (10) sony have been putting software ( called xcp ) on some of their audio cds. if you play these cds on
your pc it automaticallyinstalls software on your pc. this software uses "rootkit" to hide the file
from the user. here is a list of cds with the xcp software. QUOTE Trey Anastasio, Shine
(Columbia) Celine Dion, On ne Change Pas (Epic) Neil Diamond, 12 Songs (Columbia) Our Lady Peace,
Healthy in Paranoid Times (Columbia) Chris Botti, To Love Again (Columbia) Van Zant, Get Right with
the Man (Columbia) Switchfoot, Nothing is Sound (Columbia) The Coral, The Invisible In....
Install Two Anti-virus Software In 1 System
Is it ok? (45) I found out that AVG Free version isn't eliminating even trojan viruses. I only have this free
version from protecting my system. Is it okay to install one more anti-virus software on top of this
AVG Free version which is already installed and updated to the latest version? I have the option of
installing Norton Anti-virus 2005. Will it cause any problem since the two softwares may use the
same source from the computer, if I install this one? Do you recommend that I should uninstall
first the existing software and install the new one? Will Norton Anti-virus 2005 ....
New Virus Kills Music Files
Nopir.B worm wipes out all mp3 and com files (19) http://english.chosun.com/w21data/html/new...0504250004.html Not only does it not differentiate
between legal and illegal mp3 files, it also doesn't let you reboot your computer. So far,
it's been circulating only in Europe, but those in the US and Asia had better take caution as
well. It's only a matter of time.......
Warning: Virus Spreading Through Msn Messenger
any info? (18) I was online, and then a friend sent me that file, and I accepted it because he's been wanting
to send me a program that improves the resolution of the screen. But then my email address was in
the file name, so I asked him what that was. To my horror, he said 'virus', but it was too
late, I already opened it and then several chat screens popped-up, and it was auto-sent to some of
the friends on the contact list. Luckily i was quick enough to ask them not to click on it. And my
norton internet security and microsoft anti spyware program detected it and asked ....
Msn Messenger Virus
awful (66) Okay there’s a new virus going around MSN, I thought only my dumb friends were the ones accepting
it, but turns out its across the nation. So I dont know if you've got it and deleted it, or was
smart and didn’t accept it. Well it goes by (as far as I know) three names. There like "Frog
something something blender" "My new photo!" and like "Me and my lesbian friends!". Its a 17kb file,
so if some1 in your list tries to send you one the those, DONT ACCEPT! It goes into your list(takes
total control, so you cant do anything) and sends itself to EVERY1 in your friends li....
Virus Alert - Messenger Viruses
New viruses spreading through Y! Msngr (7) QUOTE If somebody by the name of json73002@yahoo.com adds you. dont accept it. Its a virus. Tell
everyone on ur bulletin because if somebody on ur list adds them, u get the virus too. Tell everyone
on your list not to open anything angell11. tewwtuler and sassy*BLEEP*. It is a hard drive killer
and a very horrible virus. Pass this letter to everyone on your buddy list. We need to find out who
is really using these accounts. Sorry for the inconvenience. Becareful while using Messengers
guys! Don't keep your messengers online unnecessarily. Go offline as soon a....
Looking for virus, called, storm, worm, w32, nuwar, mm, winzip, rar, warned
|
Searching Video's for virus, called, storm, worm, w32, nuwar, mm, winzip, rar, warned
See Also,
|
advertisement
|
|
