PDA

View Full Version : Public service---virus threats (computer)


Hal
October 7, 2001, 06:07 AM
FWIW, and form your own opinion as to the relation to the WTC attack. I believe that at the very least, the several very nasty strains of mal-code are intentional forms of piling on. (lest any forget, Taliban means "students")

IMPORTANT DISCLAIMER I understand this borders on SPAM because of the commercial references contained in the text. I do not work for, nor do I sell Trend products. I do fully recommend them though. It has been my experience that they are effective without being overly intrusive.




V I R U S R E P O R T

(by the Trend Micro US Virus Research Group)
************************************************************************
------------------------------------------------------------------------
Date: October 5, 2001
------------------------------------------------------------------------

<SNIP of commercial content>
A fake email message claiming to come from SecurityFocus' ARIS system
and Trend Micro is being used to send a backdoor program disguised as Trend Micro's NIMDA fix tool, called FIX_NIMDA.EXE. This backdoor program creates
two Trojan files, TROJ_BIONET318.A and TROJ_HUKKEY.A. It also shares an I
nfected system's local drives C:\ through Z:\, which it hides with a dollar sign. These messages do not come from Security Focus or Trend Micro. Trend
Micro does not send emails with executable attachments, unless specifically requested to do so by individual customers.

This Trojan uses TROJ_HUKKEY.A to steal passwords and send emails. TROJ_BIONET318.A is a backdoor program that allows a remote hacker access to an infected system. It is also responsible for logging all keystrokes from the keyboard and for saving these keystrokes in a file.

This Trojan has been classified as low risk.

Trend Micro's authentic NIMDA fix tool, FIX_NIMDA.com, may be downloaded from the Web site at www.antivirus.com/vinfo/security/nimda_form/

For additional information about TROJ_JESTRO.A, please visit Trend Micro at:
www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=TROJ_JESTRO.A.

TROJ_JESTRO.A is detected by Trend Micro pattern file #148 or #948.

3. 10 Most Prevalent In-The-Wild Malware Surveyed by Trend Micro US
(week of: September 24, 2001 to September 30, 2001)
------------------------------------------------------------------------
1. TROJ_SIRCAM.A
2. PE_MAGISTR.DAM
3. PE_NIMDA.A
4. VBS_HAPTIME.A
5. PE_MAGISTR.B
6. TROJ_BADTRANS.A
7. JS_NIMDA.A
8. TROJ_BLKSTONE.A
9. TROJ_NEWPIC.A
10. PE_MAGISTR.A

SPECIAL OFFER:
<SNIP of commercial content>

4. Top 10 Viruses Trend Micro's US Customers are Most Concerned About
(where systems were not infected)
------------------------------------------------------------------------
1. TROJ_VOTE.A
2. TROJ_SIRCAM.A
3. PE_MAGISTR.DAM
4. VBS_HAPTIME.A
5. PE_MAGISTR.A
6. JS_KAKWORM.A
7. TROJ_NEWPIC.A
8. TROJ_NAVIDAD.E
9. TROJ_HYBRIS.B
10. PE_NIMDA.A

5. Test Your Virus Knowledge & Scan Your Computer FREE!
<SNIP of commercial content>

Original content can be obtained at www.antivirus.com