Articles Index - page 4
Gokar worm targets antivirus
Gokar worm targets antivirus processes, shutting down realtime protection
MyParty worm
Party pictures you don't want to see. MyParty is an email worm with a Uuencoded attachment
Anthrax virus
As if real Anthrax virus scare wasn't enough, antivirus vendors issue warnings about another type of anthrax.
Movie clip message a parasite
The spread of Internet Optimizer uses a ruse similar to Friend Greetings.
JS.Fortnight worm
The Fortnight worm arrives in the body of an html-rendered email, redirecting Internet Explorer to porn sites.
Perrun virus
Can a person become infected simply by viewing a .JPG? In some cases, the answer may be yes.
Do you Yahoo!?
Is Yahoo Messenger program vulnerable to exploit?
Virus Writing 101
The University of Calgary has decided to add Virus Writing 101 to their course offerings.
Where From Art Thou, Klez?
Klez spoofs the From address, making it difficult to determine its origin
Noony.A exploits user weakness
PandaLabs has discovered a new type of worm, dubbed Noony.A, that uses a mix of sophisticated social engineering and unconventional technical means to spread via IRC. The worm can also spread via email.
Bagle.AQ worm
Dubbed Bagle.AQ by antivirus vendor McAfee, this worm is also known as Bagle.AC (Trend Micro).
MyDoom.O / MyDoom.M worm
A new variant of MyDoom was discovered on July 26, 2004. Antivirus vendors are split on what to call it. Antivirus vendors Sophos and McAfee refer to the variant as MyDoom.O, while vendors Trend Micro and F-Secure had dubbed it MyDoom.M.
Debunking the Atak.B debunking
Though the antivirus industry is noted for almost unprecedented cooperation between competitors, occasional sniping does occur. The most recent example? The first reported by antivirus vendor BitDefender.
Bagle.AI worm
Bagle.AI is a mass-mailing email worm that uses its own SMTP
engine to spread. The worm also propagates over shared folders which contain the string 'shar' in their foldername, allowing the worm easy spread over P2P filesharing networks.
Bagle.AG
Bagle.AG, a.k.a. Beagle.AC (Symantec), was first discovered on July 17, 2004. Bagle.AG is a mass-mailing email wormthat uses its own SMTP engine to spread. The From address in the Bagle.AG email is spoofed.
Bagle.AF
Dubbed Bagle.AF, the mass-mailing email worm also spreads via P2P and shared folders containing the word shar in their name.
Bagle.AD worm
Bagle.AD (a.k.a. Beagle.Y) is a mass-mailing email and filesharing worm that sporadically attaches a copy of the worm's source code to the infected email it sends.
JS.Scob Trojan
A flaw in Microsoft IIS causes websurfers to be redirected to a malicious website that exploits additional flaws in Internet Explorer to force downloads of Trojans onto the system.
Zafi.B
Zafi.B is an email worm that also spreads by copying itself to folders
containing 'share' or 'upload' in its name. Zafi.B has a malicious payload, overwriting executables associated with antivirus and firewall software with copies of itself.
Plexus worms
The Plexus family of worms spread via email, network shares, and filesharing networks such as Kazaa. The worms exploit the LSASS vulnerability first exploited by the Sasser worm. Plexus.A, Plexus.B, and Plexus.C try to disguise themselves as frequently searched items - including masquerading as Shrek_2.exe.