Category: Worms
“It’s Immoral, but the Money Makes it Right,” says Apprehended Botnet Operator Jeanson Ancheta
“Bot Herder” Jeanson James Ancheta, the BotNet operator taken down by the Feds, told colleagues of operating the botnet of more than 400,000 infected PCs, “It’s immoral, but the money makes it right.”
Half-Million PCs Infected with Blackworm Code to Delete Files on February 3rd!
According to best estimates, as many as a half-million PCs world-wide are infected with a malicious “blackworm” code which is set to delete data from their hard drives on February 3rd. The worm, previously identified as the Kama Sutra worm, also known as Blackmal.E, Nyxem.E, Email-Worm.Win32.VB.bi, W32.Blackmal.E@mm worm, or W32/Nyxem-D, is set to wipe all Word, Excel, PowerPoint and PDF data from your hard drive! It’s being delivered in email with subjects like “School girl fantasies gone bad,” and “Re: sex video.”
Kama Sutra Worm Catches Windows Users in Compromising Position
The new Nyxem-D worm making the rounds has been dubbed the “Kama Sutra worm”, because it arrives in an email offering graphic sex images and videos. Also called Email-Worm.Win32.VB.bi, W32.Blackmal.E@mm worm, or W32/Nyxem-D, the email has such enticing subjects as “Kama Sutra pics!”, “Hot Movies”, “give me a kiss”, Miss Lebanon 2006″, “Part 1 of 6 Video clip”, “The Best Videoclip Ever”, “Arab sex DSC-00465.jpg”, “Fw: SeX.mpg”, “Fwd: Crazy illegal Sex!”, and “School girl fantasies gone bad.”
Sober Worm Convinces Pedophile to Turn Self In!
The Sober worm, and its fake email from the FBI, has accidentally caused a German pedophile to turn himself in!
Santa Worm Making the Rounds – You Better Watch Out!
You better watch out, you better not click – Santa Worm is coming to AIM. And the IM.GiftCom.All Santa Claus worm is targeting Yahoo and MSN messengers as well.
New AIM Worm Chats with You to Fool You
A new AIM worm, called IM.Myspace04.AIM, attempts to get you to download the clarissa17.pif file by appearing to interact with you. But give IM.Myspace04.AIM and clarissa17.pif the cold shoulder!
Fake Email from the FBI or CIA is Really a Worm, Not Steven Allison
The newest version of the Sober worm disguises itself as a fake email from the FBI or fake email from the CIA. Most come from Steven Allison.
AIM SDBot Worm Installs Lockx.exe RootKit, Takes You to eza1netsearch.com
A new AOL Instant Messenger worm, SDBot.add, installs the rootkit Lockx.exe on your computer. In addition to the root kit, the AIM worm changes your searchpage to https://web.archive.org/web/20070525203505/http://www.eza1netsearch.com:80/sp2.php at eza1netsearch.com.
Bagles and Locks: New Bagle Virus Rolls Across Internet (a/k/a Bagle.da and Bagle.cd)
The BagleDI-U trojan is showing up in a lot of places this week. Being called Bagle.cd or Bagle.da, and hidden in an attached file called either “price_new.zip”, “price2.zip” or “09_price.zip”, it’s turning up all over the place.
Mepe.A Instant Messenger Worm: Postcards from the Latino Edge
Mepe.A is an instant messaging worm which says “te mandaron un recado conmigo” (I’ve been asked to give you a message), but which really gives you an infection instead.
Yusufali-A Trojan Worm Censors Adult Surfing with Koran Verses
Yusufali-A is a new trojan worm which censors web sites by minimizing your browser window and displaying a verse from the Koran which includes the phrase “Yusufali: Know, therefore, that there is no god but Allah, and ask forgiveness for they fault, and for the men and women who believe”
Zen Neeon MP3 Player Infected with Windows Wullik Worm Virus
Wullik.B (W32.Wullik.B@mm) has infected the Zen Neeon MP3 player. Creative says that nearly 4,000 of the Zen Neeon MP3 players were shipped with the worm, and has issued a recall.
Zotob Botzor.exe and Mytob Worm Authors Arrested, Identified as Farid Essebar and Atilla Ekici
The Zobot Botzor.exe (a/k/a worm-rbot.cbq, rbot.cbq, and rbot.ebq) and Mytob worm authors are believed to have been arrested in Turkey and Morroco. Authorities in both countries, in cooperation with the FBI and Microsoft, arrested Farid Essebar and Atilla Ekici, using online nicknames Diab10 and Coder, who are believed to have authored the worms.
Online Game Community Targeted by Worm PrsKey.a
Online game community and security experts are warning about PrsKey.a, a keylogging worm which steals your username and password, and allows those behind it to steal all your game booty.
Zotob Botzor.exe Worm Removal Tool Offered by Microsoft
Microsoft has announced that they have just updated their Malicious Software Removal Tool (KB890830) to detect and remove the Zotob worm which brought down computer systems across the country this week. The Zotob worm has also been referred to in news reports as also Zobot, Botzor, Botzor.exe, worm-rbot.cbq, rbot.cbq, and…