How to clean your computer from viruses IRC-Worm

Should I open this? by davef3138

Vermiculture day 1 by superpuppy

Once installed, worm infects and redirects Firefox and Chrome browsers to different websites after user queries specific search terms.

Spybot.AKB is the latest worm to grace Direct Connect P2P networks, this time passing itself off as a name brand .exe file extension in the “shared” folder.

Once activated it installs an extension in the Firefox and Chrome browsers in order to control the searches made by users, and then redirects them to malicious websites from which more malware can be downloaded.

It affects the “shared” folders of the following P2P programs:

  • eMule
  • LimeWire
  • Morpheus
  • Tesla
  • Winmx
  • eDonkey
  • Bearshare
  • Grokster
  • Icq
  • KaZaA

Unsurprisingly the worm only affects Windows platforms, specifically 2003, XP, 2000, NT, ME, 98, and 95, so Vista and Win 7 users are immune.

For more info check out the Panda security website.

As usual I recommend switching to BitTorrent or Usenet from Direct Connect-style P2P networks. Between copyright infringement investigations and malware headaches it’s just not a safe place to be anymore.

Stay tuned.

jared@zeropaid.com

Related

  1. New worm/Trojan: Kazoa.C Spreading fast thourgh Kazaa and IRC
  2. Study Predicts Increase in Attacks from P2P Networks
  3. FireFox Jumps To 13% Of Global Market Share
  4. Firefox 1.5.0.5 update plugs ‘critical’ holes
  5. Spybot Search and Destroy 1.2 beta 4

For the third month in a row the top five programs have led the rest of the rating by some distance.

January, however, did see seven new entries, which is unusual for the first Top Twenty. The two script downloaders that entered right behind the leading pack have already made an appearance in our second rating for web-borne malware, but this is the first time they have made it into this rating.

Among the newcomers are three modifications of Trojan.Win32.Autorun that help spread the notorious P2P-Worm.Win32.Palevo and Trojan-GameThief.Win32.Magania via removable devices.

AutoIt, which we have already discussed on a number of occasions, is gaining in popularity with two new malicious programs – Packed.Win32.Krap.l and Worm.Win32.AutoIt.tc – created using this script language.

Malicious programs on the Internet

The second Top Twenty presents data generated by the web antivirus component, and reflects the online threat landscape. This ranking includes malicious programs detected on web pages and malware downloaded to victim machines from web pages.

PandaLabs detected a new worm, Spybot.AKB, which spreads using P2P programs (copying itself to the usual shared folders with different names) and also via e-mail. What’s new about this worm is the way it tricks users, spreading under the guise of an invitation to join social networks like Twitter and Hi5, or in an e-mail supposedly from Google replying to a job application. Another new feature is the way it installs on computers, passing itself off as a Firefox security extension… (read more)

Related articles at help.artaro.eu:

  • Antivirus programs
  • Antimalware programs
  • What is malware?
  • General Security



Powered by www.how2tech.co.za and My Sales Team

This entry was posted on Tuesday, February 23rd, 2010 at 4:23 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.