CONFICKER VARIANT DISPENSES WITH NEED TO PHONE HOME

Stealth variant Sidesteps MS-led takedown effort

Virus authors have released a new variant of the infamous Conficker (Downadup) worm with enhanced auto-update features.

The changes in the new strain of the malware, dubbed Conficker B++, make it possible for malware authors to push out new code without publishing it on pre-programmed sites, as with earlier variants. The earlier approach has been frustrated by the recent formation of an alliance led by Microsoft geared up to block and take down sites associated with the worm.

Keep reading “Conficker variant dispenses with need to phone home” »

Popularity: 2% [?]

Iksmas

Iksmas is what people who live near the Ik River is Russia call Christmas. Whoops, sorry. Iksmas is a nasty worm spreading onto computers all over the world.

According to Panda Security, the Iksmas worm is sent in an email saying that Barack Obama has refused to be president. This was posted on 19/01/2009 so the worm may now have a more topical subject that it uses to to trick you into opening a fake video, so be on the lookout for any news story in your inbox that sounds to good to be true. Also, don’t open anything called barakspeech.exe

Trying to manually remove the Iksmas worm is pointless as there is little information on what files to remove so I recommend you use Spyware Doctor to remove Iksmas for you.

Popularity: 3% [?]

ASPROX BOTNET DIALS INTO CONFICKER DOMAINS

Collusion or collision?

The zombie network created by the Conficker worm is yet to go “live”, but it’s displaying curious behaviour that yields potential clues to its origins and purpose.

Variants of the Conficker (Downadup) worm spread by exploiting a vulnerability in the Microsoft Windows server service patched by Redmond in October. It spreads across network shares and via infected USB sticks. The combined approach, allied with social engineering trickery, have made the worm the biggest problem of its kind for years, since the default activation of the Windows firewall put the brakes on the like of Nimda and Sasser.

Keep reading “ASProx botnet dials into Conficker domains” »

Popularity: 2% [?]

Lady_Eats_Her_Shit–www.youtube.com

Spywarevoid.com is reporting an infection called Lady_Eats_Her_Shit–www.youtube.com is circulating around Skype.

If you open this file than you deserve to to be infected so don’t expect me to be posting a link to the removal instructions.

Fine, but only because you’ll be sending malicious files to everyone on your contact list. You can remove Lady_Eats_Her_Shit–www.youtube.com using these instructions. Because shit sticks, you would be better off using Spyware Doctor to remove it.

(FYI: for some links to software we receive a commission. This is one of them. But we wouldn’t recommend Spyware Doctor if we didn’t think it would help.)

Popularity: 3% [?]

THREE HOSPITAL MYTOB WORM INFECTION DUBBED ‘SUBSTANTIVE FAILURE’

Entirely avoidable

A worm attack that forced three London hospitals to shut down their computer networks late last year was entirely avoidable and represented a major failing by the organizations’ IT staff, according to an independent review of the incident.

In mid-November, the Mytob worm wiggled its way into 4,700 PCs used by St Bartholomew’s (Barts), the Royal London Hospital in Whitechapel, and The London Chest Hospital in Bethnal Green, and this forced the hospitals to reroute ambulances and scale back some “non-essential activities” while the infection was being contained. In some cases, doctors had to resort to pen and paper backup systems.

Keep reading “Three hospital worm infection dubbed ’substantive failure’” »

Popularity: 1% [?]

US SCHOOL IN TOOTHLESS OBAMA WORM INFECTION

Round up the dweebiest suspects

Security experts reckon a new low-threat worm that displays the image of President Obama on infected desktops is the work of technically-knowledgeable pranksters.

Infections of the worm appear to be confined to scores of desktops at the same (unnamed) Illinois high school, which contacted its anti-virus supplier. The outbreak puzzled security US reseller Walling Data, which in turn brought in the expertise of AVG’s Roger Thompson.

Keep reading “US school in toothless Obama worm infection” »

Popularity: 2% [?]

SysAntivirus 2009

SysAntivirus 2009 is the latest fake anti-spyware that wants to con you out of your money.

Once it is on your computer, SysAntivirus 2009 will make your life hell by bombarding you with fake security alerts to trick you into buying the “full” version of Adware Eradicator.

You probably got SysAntivirus 2009 from a Trojan disguised as legitimate file that you downloaded; luckily you should be able to remove SysAntivirus 2009 with these instructions.

SysAntivirus 2009 is reported to generate the following popups:

“Spyware Alert! Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of SysAntivirus 2009 and remove spyware threats from your PC.”

“SysAntivirus 2009 alert
INFILTRATION ALERT: Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan-dropper or similar.
DETAILS: Attack from: 46.252.39.218, port 23272; Attacked port: 37481; Threat: Dealbar Toolbar
Do you want SysAntivirus 2009 to block this attack?”

“Insecure Internet Activity. Threat of virus attack!
Due to insecure Internet browswing your PC can easily You may be infected with viruses, worms and trojans without your k nowledge, which can lead to system slowdowns, freezes and crashes. Unprotected Internet browsing can result in your personal information being revealed without your knowledge or permission. To get full advanced real-time protection for PC and Internet activity, register SysAntivirus 2009.”

“Spyware alert! You are trying to download a file. This file may contain dangerous code and seriously damage your compuer. Downloading and running files from Internet may be dangerous. If you do not trust this download, do not open this program without activated antivirus software! It is strongly recommended to activate your seceity software to prvent malicious code execution and your private information damage.
Activate SysAntivirus 2009 Now [or] Stay unprotected.”

(FYI: for some links to software we receive a commission. This is one of them. But we wouldn’t recommend Spyware Doctor if we didn’t think it would help.)

Popularity: 2% [?]

CONFICKER BOTNET GROWTH SLOWS AT 10M INFECTIONS

Diary of the Dead

Infections as a result of the infamous Conficker (Downadup) worm have peaked at around the 10m PC mark.

Variants of Conficker use a variety of methods to spread, including exploiting the MS08-067 vulnerability in the Microsoft Windows server service patched by Redmond in October. Once it gets a foothold within corporate networks, Conficker is programmed to spread across local area networks. The worm also spreads between infected USB sticks and Windows PCs.

Keep reading “Conficker botnet growth slows at 10m infections” »

Popularity: 2% [?]

CONFICKER SEIZES CITY’S HOSPITAL NETWORK

Network-wide update ban invites worm infection

Exclusive  Staff at hospitals across Sheffield are battling a major computer worm outbreak after managers turned off Windows security updates for all 8,000 PCs on the vital network, The Register has learned.

It’s been confirmed that more than 800 computers have been infected with self-replicating Conficker code. Insiders at Sheffield Teaching Hospitals Trust said they suspect many more machines are affected but have not been reported to IT.

Keep reading “Conficker seizes city’s hospital network” »

Popularity: 2% [?]

“Barack Obama has refused to be a president” email

There is a nasty email circulating at the moment titled “Barack Obama has refused to be a president”. This is just to bait people into clicking the link in the email which will install “W32\Iksmas.A.worm” on your computer.

If you receive this email or anything smiler to it, remove “Barack Obama has refused to be a president” email immediately.

If you have installed the software that the “Barack Obama has refused to be a president” email want’s to you open, PandaLabs have a list of files to delete and websites to block.

(FYI: for some links to software we receive a commission. This is one of them. But we wouldn’t recommend Spyware Doctor if we didn’t think it would help.)

Popularity: 2% [?]

Next Page »