Posted: May 4th, 2009 | Tags: Conficker, Malware, Virus | No Comments »
According to the report published today by Kaspersky Lab,it has been detected over 45 190 of unique harmful, advertising and potentially dangerous programs during last month. This digit practically does not differ from a metrics for March.
In a rating of twenty most widespread harmful programs worm Conficker known also as Downadup and Kido continues to the the leading position. By some estimations, Conficker could infect up to 20 million computers worldwide. The last days this worm has started to form the infected computers in a botnet for distribution of spam emails and spyware.
Read the rest of this entry »
Posted: February 20th, 2009 | Tags: Malware, Sality.AO, Virus | No Comments »
PandaLabs experts warns about growth of number of infections by virus Sality. AO and its modifications.
Malicious program Sality.AO combines dangerous infectious technologies of old viruses with the new technologies routed on reception of financial benefit by roguish way. After penetration on computer Sality.AO uses special methods of hiding, complicating detection of the malware program. So, for example, the virus adds it’s code into empty areas of files found on the infected computer.
Read the rest of this entry »
Posted: January 30th, 2009 | Tags: Botnet, Conficker, Malware, Virus | No Comments »
By estimations of the anti-virus companies, the quantity of infections with the sensational net worm actively travelling on the Internet and corporate networks of last 2-3 weeks, has reached 10 million computers. However the last some days speed of distribution of this harmful code has considerably decreased. We will remind that various variants of worm Conficker (Downadup) extend, maintaining vulnerability MS08-067 in Windows operating systems.
Read the rest of this entry »
Posted: December 26th, 2008 | Tags: Malware, Virus | No Comments »
Samsung company has warned that compact discs with the software for some models of digital photo frames can contain the Trojan program.
Harmful program W32.Sality.AE can get into system at installation from a compact disc of application Frame Manager for operating system Windows XP. Samsung asserts that the malware doesn’t work under Windows Vista.
Developers of security software have registered for the first time W32.Sality in April of this year. In due time updated anti-virus programs easily find out this harmful application.
According to the official prevention os Samsung, compact discs with the malware may be included into the package of photo frames of the following models: SPF-75H, SPF-76H, SPF-85H, SPF-85P and SPF-105P. The manufacturer recommends to refrain from installation from a disk and to download corresponding version Frame Manager from the download center of Samsung.
Malware developers choose the target of buyers of digital photo frames not for the first time. So, in the beginning of this year company Best Buy has stopped sales of photo frameks Insignia infected with a virus.
Posted: December 19th, 2008 | Tags: Malware, Virus, Worm | No Comments »
PandaLabs warns about mass dispatch of electronic letters with the harmful program P2PShared.U, disguised under messages from a network of restaurants of a fast food “McDonalds”.
In heading of the infected letters it is said that “McDonald’s” wishes addressees of happy Christmas. The letter text looks as follows: “McDonald’s” is glad to present you the last menu with huge discounts. Simply print the coupon from this message and go to the nearest McDonald’s for FREE gifts and FANTASTIC discounts ». Messages look so as if start with domain Mcdonalds.
The users, fallen for the bait malefactors and agreed to follow to instructions in the letter, instead of the discount in McDonald’s receive harmful program P2PShared.U Having got on the computer of a victim, this worm starts to dispatch the copies on the found e-mail addresses. Besides, P2PShared.U copies itself in the folders used by file exchange programs, under the names related to security applications, multimedia tools and so on. Thus, the user, tried to download any of these applications, gets infected also.
Posted: December 8th, 2008 | Tags: Malware, Virus | No Comments »
Computer security experts warn about the next splash in activity of the harmful program Koobface extending through social network Facebook.
Worm Koobface has been detected for the first time even in the summer, but in the end of last week a new modification of this malware was detected. Facebook user receives a message from somebody from his contacts-list, which ostensibly suggests to look an interesting video. Behind the link, specified in the message, the potential victim receives an offer to install update for the flash player, in order to have a possibility to watch the video. If the user agrees, the malware program installs itself on his computer.
When the Koobface is installed, it starts to load trojan components amd modules to collect the private data and confidentional information. In theory, with Koobface frauds can get user’s logins and passwords and turn the infected computer into a bot.
Facebook recomends it’s users to update their antivirus software and don’t follow suspicious links.
Posted: November 27th, 2008 | Tags: Malware, Security, Virus | No Comments »
The Microsoft Corp. warns about appearance of the new harmful program maintaining vulnerability in operating systems of Windows the patch for which has been released last month. About Microsoft building all is quiet.
The worm who has received name Conficker extends mainly in corporate networks so far, also hundreds cases of infection of computers of ordinary Internet users however are already reported. Conficker uses a hole which description contains in the bulletin of safety of Microsoft MS08-067. The problem is linked by that at processing of the inquiries of the remote call of procedures generated in special way (Remote Procedure Call) in Server service of program platforms of Microsoft there is an error allowing malefactors to capture a complete control over the computer of a victim.
Harmful program Conficker opens a random port between 1024 and 10000 and works as a web server. When the worm penetrates the computer, it masks itself as a JPG-file, and then writes itself to a disk under the pretext of library DLL. It is remarkable that, having got on the computer of a victim, Conficker installs a patch for vulnerability MS08-067. However in this case the worm cares at all of the owner of the computer — simply thus Conficker closes an opening for other harmful programs which can prevent its operation. The majority of messages on infection of computers with program Conficker while arrives from territory of the United States. Besides, the worm is noticed and in a number of other countries, including in Germany, Spain, France, Italy, Japan, Brazil and China.
