popopot
05-01-2007, 01:08 PM
http://news.google.com/news?imgefp=uyXA8ifzJkoJ&imgurl=www.kashar.net/newspics/virus6.jpg
Virus analysts at BitDefender®, an award-winning provider of antivirus software and data security solutions, have issued a warning to users of P2P networks. A new threat, the Ymeak.A worm has been spreading like wildfire, in part due to a simple yet effective social engineering technique: it masquerades as an installer executable of some popular programs.
When it is first run, the worm displays a message ('The setup file is corrupted') to lull the user into a false sense of security. It then proceeds to download and install the RBot trojan. This done, the trojan begins to spread itself from the victim's computer using any of five file-sharing networks (Limewire, Shareaza, Bearshare, Morpheus or Morpheus Ultra) as a vector and a new name.
"The bit of evil genius here is that the name for each new copy of the worm is chosen at random from certain torrent and direct download sites,” declared Viorel Canja, head of the Antivirus Lab for BitDefender. “This way, the worm will always have an attractive name, so people will attempt to download and run it."
:source: Source: http://www.theopenpress.com/index.php?a=press&id=18926
Virus analysts at BitDefender®, an award-winning provider of antivirus software and data security solutions, have issued a warning to users of P2P networks. A new threat, the Ymeak.A worm has been spreading like wildfire, in part due to a simple yet effective social engineering technique: it masquerades as an installer executable of some popular programs.
When it is first run, the worm displays a message ('The setup file is corrupted') to lull the user into a false sense of security. It then proceeds to download and install the RBot trojan. This done, the trojan begins to spread itself from the victim's computer using any of five file-sharing networks (Limewire, Shareaza, Bearshare, Morpheus or Morpheus Ultra) as a vector and a new name.
"The bit of evil genius here is that the name for each new copy of the worm is chosen at random from certain torrent and direct download sites,” declared Viorel Canja, head of the Antivirus Lab for BitDefender. “This way, the worm will always have an attractive name, so people will attempt to download and run it."
:source: Source: http://www.theopenpress.com/index.php?a=press&id=18926