Pac is a P2P worm, backdoor and DoS (Denial of Service) attack tool. It travels from one system to another as an EXE bundle that acts as a dropper. When the dropper is run, it activates the embedded P2P worm.
The worm installs itself to a system as SYSTEM32.EXE file and it sets a hidden attribute to its file. To start its file during every Windows session, the worm creates startup keys for it in the Registry. Once active, the worm copies itself to shared folders of popular file sharing clients Kazaa and iMesh.
Read the name it uses and more information on this F-Secure Web page.
Worm_LOVGATE.A a Low Risk
LOVGATE.A is both a worm and backdoor program. To propagate, it drops copies of itself in network shared folders and subfolders.
As a backdoor, the malware opens a port, 10168 by default, allowing remote users to access and manipulate the affected system. It sends a notification to either of the following email addresses:
54love@fescomail.net
hacker117@163.com
Read technical details on this Trend Micro page.
Tang Worm Deletes Large Number of Files
Tang is a dangerous worm that usually reaches computers in an e-mail message with changeable characteristics, although it can also spread through IRC channels such as mIRC, pIRCH and VIRC and P2P file-sharing applications such as KaZaA, Edonkey 2000 or Morpheus. Despite its damage potential, it is presently being given a very low threat rating by Panda Software.
Tang searches certain directories for files with SCR, PIF, MP3, MP2, GIF, BMP, DIB, PNG, JPG, JPEG, JPE, TIF, TIFF, MPG, MPEG, MPE, AVI, MOV, TMP, TXT, LNK, BAT, MDB, PPT and PPS extensions and deletes the files. It can also act as a macro virus in order to infect the Office files used on infected computers. Since Tang is sent in a file attached to an e-mail message, it is easy to determine whether the worm has reached a computer.
Tang can use any one of six different messages. View them on this Panda Software site.
Compiled by Esther Shein.
Loading Comments...