A Visual Basic worm that distributes through Microsoft Outlook and Internet Relay Chat (IRC) modifies the home page of Internet Explorer, according to security company Trend Micro.

VBS_Moon.L, a variant of VBS_Moon.A, primarily sends itself out using Microsoft Outlook email and via IRC using mIRC.

The worm is not considered destructive and is being given a low threat rating by Trend Micro. For technical details, visit this Trend Micro page.

Backdoor Krei Attacking Win XP And 2000

Krei is a backdoor Trojan that gives remote attackers access to a compromised computer. It only affects Windows 2000 and XP systems. Krei installs itself as a service using Service Control Manager. This makes sure that the backdoor will be run when the computer is started.

When Krei is active it listens on TCP port 961 waiting for the remote client to connect. After Krei had been installed on the system, the following key appears in the Registry:

'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmm32421'

For removal instructions and other information, visit F-Secure here.

Compiled by Esther Shein.