Don’t fall for this gentle kiss! It’s the Storm Worm in a new form
Virus writers do have a heart, or at least they are faking one! The subject lines of this Worm spreading mail are as mushy as they can get. They go like: ‘Eternity of Your Love’, ‘I Love You Soo Much’, ‘falling in love with you’, ‘For You My Love’, ‘our journey’, ‘our love nest’, ‘Memories of You’ and ‘A Kiss So Gentle’.
The mail shows a nice pink heart and a message that reads as, "Your download should begin shortly. If your download does not start in 10-20 seconds, you can click here to launch the download and then press run. Enjoy!". What’s downloaded on clicking this message is a file named withlove.exe or with_love.exe, which carries a not-a-bit lovable malware named ‘Zhelatin.sg’.
"This is a new rollout from the ill famed storm factory with some changes in code and a new spreading theme. And if one has to go by the initial volumes, the attack seems fairly large," says Govind Rammurthy, CEO of MicroWorld Technologies. "The two important factors that enable this malware to give a hard time for many security solutions are the speed at which new variants are dished out and countless places where they can host these threats".
The activities of Zhelatin.sg inside the compromised computer are pretty much the same as its predecessors. The Worm drops a file named ‘burito.ini’, stops Antivirus running on the computer and activates a range of ports to connect to peer-to-peer networks before making the computer a part of the mammoth sized storm botnet. From that point on, the computer would send out spam or do many other things that the remote attacker would want it to do.
"So far the primary duty of a computer in this network is only to relay spam. However one would shudder to think what happens when the controllers behind this network having such massive computing power move on to spread more harmful Viruses or start widespread Denial-of-Services attacks? I believe it’s high time law enforcement agencies work with security companies to initiate a global crackdown on this criminal gang," says Govind Rammurthy.
Govind’s firm MicroWorld offers multilevel protection against all variants of this malware. Its AntiVirus and AntiSpam solution at mail server, MailScan, tackles all sorts of spam and threat laden mails by employing a range of technologies including MicroWorld’s recent invention called ‘Non Intrusive Learning Patterns’. eScan, the Enterprise security solution, combines fast updating signature based detection with proactive technologies to keep the Worm at bay all time .
MicroWorld Technologies GmbH
"MicroWorld Technologies (www.mwti.net) is the developer of highly advanced AntiVirus, Content Security and Firewall software solutions eScan, MailScan, and eConceal. MicroWorld Winsock Layer (MWL) is the revolutionary technology that powers most of MicroWorld products enabling them to achieve several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready and Novell Ready.
For more information, please visit www.mwti.net"
Press releases you might also be interested in
Weitere Informationen zum Thema "Sicherheit":
Was ist eine CA?
Eine CA (Certificate Authority oder Certification Authority) ist eine vertrauenswürdige Instanz, eine Zertifizierungsstelle, die digitale Zertifikate herausgibt. Mit Hilfe der Zertifikate wird die elektronische Identität von Kommunikationspartnern bescheinigt. CAs bilden den Kern der Public-Key-Infrastruktur und übernehmen die Rolle von Trust Centern.Weiterlesen