Storm Worm Blogspot.com
May.20, 2008 in
Worm
love.exe
Entries for the ‘Worm’ Category
IM-Worm, George W. Bush
Apr.09, 2008 in
Worm
It’s a later news that a new worm is spreading via MSN messenger since May.5. It sends out the message about the animation of Bush in Spanish,such as “mira esta animacion de bush :P”, and a file “bush.exe” will be downloaded from a link. These links seem to have been closed now. AV vendors have [...]
Ecard and Zhelatin
Aug.24, 2007 in
Worm
Some days ago, we reported that Zhelatin worm masqueraded as Greeting card spams. Today, we receive new spams which masquerade as Ecard. Be careful please.
The spams are as the following:
Subject: You’ve received a postcard from a family member!
Body:
Good day.
Your family member has sent you an ecard from .hk.
Send free ecards from .hk with your choice [...]
IRC-Worm.Win32.Agent.a
Aug.24, 2007 in
Worm
summer2008.zip
We just received a new worm spreading via MSN from a friend. The file name is “summer2008.zip”. In the zip file, it contains a .scr file “summer2008.scr”. This worm also can send out different messages with multiple languages. It also adds the Chinese language pronunciation this time. Kaspersky detects it as Backdoor.Win32.IRCBot.acd (old name: IRC-Worm.Win32.Agent.a)
This [...]
Email-Worm.Win32.Sober.aa
Aug.24, 2007 in
Worm
Worm.Win32.Sober.aa
We received some spams about a variant of Email-Worm.Win32.Sober today. It spreads via English and German spams. Everyone should be careful.
The English spams are as the following:
From: Webmaster@microsoft.com
Subject: Error in your eMail
Body:
Your eMail has occurred an unknown error on our Server. Please read your mail and check the text.
The full email is attached!
。auto mailerdaemon X.Path [...]
Warezov.mp via ICQ
Aug.24, 2007 in
Worm
We’ve received some reports that Warezov.mp(aka Stration) is now spreading via ICQ. We’ve got two domains about this variant, they are “auterfunmdasetion.com” and “buheradesunme.com”. We hope ICQ users can block these domains.
The variant sends out as the following link via ICQ:
http://133.buheradesunme.com//166/
http://2849.buheradesunme.com//166/
http://4047.auterfunmdasetion.com//3660/
When clicks these links, the file “flash.exe” or “pic.pif” will be downloaded.
The size of this [...]
New Warezov variant——Warezov.ls
Aug.24, 2007 in
Worm
Half an hour ago,we received a new variant of Email-Worm.Win32.Warezov(aka Stration).Like the earlier variants,it will download another variant of Warezov from “madesunjinkdieonrunhasde.com”. We advise everyone should block this domain.
The email is also like the earlier:
Subject: Mail server report
Body:
Mail server report.
Our firewall determined the e-mails containing worm copies are being sent from your computer.
Nowadays it happens [...]