Updates

A compilation of the latest information about viruses and worms, security issues
and patches to rectify the same.

Panda Antivirus reports WeatherBug
WeatherBug is a program that installs applications such as MyWay on the affected
computer. The program creates a shortcut on the desktop which, when clicked,
directs the user to a Web site that pushes them into contracting Netscape as
their ISP. The hacking tool affects Windows 2003/XP/2000/NT/ME/98.

McAfee reports Qhosts-47!hosts Trojan
Qhosts-47!hosts, reported by McAfee, is the detection for a modified system
hosts file: the Trojan creates entries in the file that redirect various
banking-related domains to 211.136.108.76.

Sophos reports Trojans related to banking
Troj/Banker-FY is an Internet banking Trojan reported by Sophos. It installs
itself in the registry, steals credit card details and records keystrokes.
Troj/Banker-FY affects Windows.
Sophos also reported on Troj/BankDI-0, a downloader Trojan for Windows that
downloads code from the Internet. It is also known as Trojan-Spy.Win32.Banbra.ej.
Troj/Banker-FZ, also reported by Sophos, is yet another banking-related Trojan.
It is also known as Trojan-Spy.Win32.Banbra.ek. It affects the Windows platform,
steals passwords and targets the customers of certain Brazilian online banking
Web sites by logging any keystrokes entered into any forms at those Web sites
as well as taking screen grabs.

F-Secure reports on Doombot.B
Doombot.B is a mass-mailer with IRC bot capabilities. It is similar to the Mybot
family of worms. The infected messages come with subjects like account
limitation, e-mail account suspension or security measures. The worm arrives as
an attachment with a .pif or .exe filename.

Symantec reports Backdoor.Hesive.dr
Backdoor.Hesive.dr affects Windows 2000, Windows 95, Windows 98, Windows Me,
Windows NT, Windows Server 2003 and Windows XP. The Trojan is a malformed
Microsoft Access database file that uses an exploit to drop Backdoor.Hesive.
Once installed, it executes shellcode to exploit the Microsoft Jet Database
Engine Malformed Database File Buffer Overflow Vulnerability. Backdoor.Hesive.dr
creates and executes a copy as %Windir%\temp\csrse.exe.

Malware Top 10
BKDR_MOCBOT.A
WORM_KELVIR.CP
TROJ_DLOADER.AKR
WORM_SDBOT.CMJ
WORM_GOLDUN.B
WORM_NETSKY.AN
TROJ_YABE.B
TROJ_JUNY.B
WORM_MYTOB.MD
WORM_COMBRA.G
(Source: Trend Micro. Period: October 18 to 24)