Malware: Archive: January 2005 

1/31: Cissi-W An IRC Bot Worm

W32.Cissi.W is an IRC bot worm with back door capabilities that propagates through Windows network shares.

1/31: Trojan.Regger-A Modifies Settings

Trojan.Regger.A is a trojan program that modifies Windows registry settings to add a predefined list of domains into Restricted Sites Zone for Internet Explorer.

1/31: Unfunner-A Worm Moves Via MSN Messenger

W32.Unfunner.A is a worm that propagates using MSN Messenger and undoes the damages done by W32.Funner.

1/31: Mugly-I Worm Uses Own SMTP Engine

Worm_Mugly.I arrives and propagates via email.

1/31: Rbot-UW an IRC Trojan and Worm

W32/Rbot-UW is an IRC backdoor Trojan and network worm.

1/31: Mugly-H Worm Gathers Email Addresses

W32.Mugly.H@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the compromised computer.

1/31: Backdoor.Ranky-S Uses Computer As Proxy

Backdoor.Ranky.S is a back door program that allows a compromised computer to be used as a covert proxy.

1/31: Sdbot-AO Trojan & Worm Lets Attacker In

Backdoor.Sdbot.AO is a worm with back door capabilities that gives an attacker remote access to the compromised computer via IRC channels.

1/31: Goldun-G a Password-Stealing Trojan

Troj/Goldun-G is a password stealing Trojan that steals bank details and sends them to a remote intruder.

1/31: Rbot-UU Worm Allows Unauthorized Access

W32/Rbot-UU is a network worm that also contains IRC backdoor functionality, allowing unauthorized remote access to the infected computer.

1/31: Vidlo-H Trojan Silently Downloads File

Troj/Vidlo-H is a downloader Trojan that attempts to silently download an executable file from a remote location via port 80 to the temporary folder and then execute this file.

1/31: Sober-J Worm Email in English or German

W32/Sober-J is a variant of the W32/Sober mass-mailing worm family for the Windows platform that harvests email addresses from the infected computer's hard drive.

1/31: VBS.Gormlez Worm Sends Copy of Itself

VBS.Gormlez@mm is a mass-mailing worm that sends a copy of itself to all email addresses in the Windows Address Book and attempts to spread through file-sharing networks.

1/31: Sober-K Worm Sends German Email

W32/Sober.k@MM is a new variant of the Sober worm and is written in VB.

1/31: Hebolani Trojan Exploits ANI File Flaw

Backdoor.Hebolani is a Trojan that exploits the Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability (BID 12233).

1/31: Worm_Rbot.AKW Spreads Through Shares

Worm_Rbot.AKW mainly propagates through network shares.

Digital Signatures Key to Solving Email Woes

Some say spam and phishing schemes are killing email. Columnist Ken van Wyk says the key to saving it is to start using digital signatures.

1/28: Forbot-DR Worm Has Backdoor Functions

W32/Forbot-DR is a network worm with backdoor Trojan functionality accessible via IRC.

1/28: Sdbot.Worm!166912 Spreading

W32/Sdbot.worm!166912 is a variant of W32/Sdbot.worm, and bears strong resemblance to the many other members of this rapidly growing family.

Blaster-B Worm Author Gets 18 Months in Jail

The man convicted of authoring the Blaster-B worm has been sentenced to 18 months in prison.

Apple Patches Holes in Mac OS X

Update fixes multiple vulnerabilities including 'at' commands, PHP holes and malicious pop-up windows.

1/28: Spybot-IVQ Worm Performs DDoS

W32.Spybot.IVQ is a worm that has distributed denial of service and back door capabilities.

1/28: Beagle-BA a Mass-Mailing Worm

W32.Beagle.BA@mm is a mass-mailing worm that also spreads to file sharing networks.

1/28: Wurmark-F Worm Arrives as Zip File

W32/Wurmark-F is a mass mailing worm that sends itself as a zip attachment to email addresses found on the infected computer.

1/28: Bobax-G Worm Uses Flaws to Spread

W32/Bobax-G is a worm for the Windows platform.

1/28: Gaobot.CRP Worm Installs TFTP Server

Gaobot.CRP is a worm that installs a TFTP server in the affected computer.

1/28: Wootbot-F Worm Exploits Microsoft Flaws

Worm_Wootbot.F takes advantage of two Microsoft vulnerabilities to propagate.

1/27: Forbot-DR Worm Accessible Via IRC

W32/Forbot-DR is a network worm with backdoor Trojan functionality accessible via IRC.

1/27: Beagle-AZ Worm Arrives As Attachment

W32.Beagle.AZ@mm is a mass-mailing worm that also spreads through file-sharing networks.

1/27: Bagle-BM Worm Expires April '06

Bagle.BM is a worm that affects Windows XP/2000/NT computers only, and its expiration date is April 25, 2006.

1/27: Mugly-G Worm Uses Own SMTP Engine

W32.Mugly.G@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the compromised computer.

1/27: Bropia-C Worm Spreads Via MSN Tool

W32.Bropia.C is a worm that propagates using MSN Messenger and drops a variant of W32.Spybot.Worm.

1/27: StartPage-FX Trojan Modifies IE Settings

StartPage-FX is a Trojan that when executed, modifies the Internet Explorer search and start page settings to http://realsearch.cc

1/27: Bagle-BL Worm Affects XP, 2000, NT

Bagle.BL is a worm that affects Windows XP/2000/NT computers only.

1/27: Mydoom-AN Worm Spreads By Email, ICQ

W32/MyDoom-AN is a mass mailing worm that also attempts to spread via ICQ.

1/27: Bagle-AY a Peer-to-Peer Mass-Mail Worm

Several security vendors have issued alerts for W32/Bagle-AY, a mass-mailing and peer-to-peer worm.

1/27: Bagle-BK Worm Has Several Characteristics

W32/Bagle.bk@MM is a new variant of the Bagle family of worms and is a mass-mailing worm.

1/27: Bagle-BJ Worm a 'Medium Threat'

W32/Bagle.bj@mm is a mass-mailing worm whose risk assessment has been raised to medium by McAfee, due to increased prevalence.

1/27: Worm_Bropia-D Drops Other Malware

The memory-resident Worm_Bropia.D spreads via MSN messenger.

1/27: Rbot-AIX Worm Has Backdoor Functions

W32/Rbot-AIX is a network worm with backdoor functionality for the Windows platform.

Riding on Open Code, Bagle Worm Returns

The worm is flooding inboxes again.

1/26: Ahker-B Worm Disables Security Features

W32.Ahker.B@mm is a mass-mailing worm that sends itself to all addresses in the Windows Address Book.

1/26: Backdor.Berbew-P a Trojan Horse

Backdoor.Berbew.P is a Trojan horse program.

1/26: Worm_Preventivo-A Reboots XP

Worm_Preventivo.A spreads via email, network shares, mIRC, and Pirch.

1/26: Cisum-A Worm Ends Various Processes

Cisum.A is a worm that ends processes belonging to certain antivirus programs, firewalls, and other security tools, among others.

1/26: Troj/Agent-ZC Used to Send Spam

Troj/Agent-ZC is a Trojan for the Windows platform that can be used for sending unsolicited commercial email (spam) as a result of instructions downloaded from a preconfigured website.

1/26: Patco-A Worm Replaces Doc Files

W32/Patco-A is a worm for the Windows platform.

1/26: Kassbot-A Worm Has Backdoor Functions

W32/Kassbot-A is a network worm with backdoor functionality.

1/26: Forbot-DV Worm Connects to IRC Channel

W32/Forbot-DV is a member of the Forbot family of network worms with backdoor functionality.

1/26: Codbot-A Trojan Spreads Via Shares

W32/Codbot-A is a backdoor that contains functionality to spread via network shares.

1/26: Worm_Opossum-A Spreads Multiple Ways

Worm_Opossum-A spreads via email, network shares, mIRC, and Pirch.

1/25: Mydoom-AV Worm Performs Multiple Acts

W32/Mydoom.av@mm is a new variant of the Mydoom worm.

1/25: Mydoom-AG Worm Modifies Hosts File

Mydoom.AG is a worm that modifies the Hosts file, in order to prevent the user from accessing websites belonging to several antivirus companies.

1/25: Sdbot-TW Worm Has Backdoor Functions

W32/Sdbot-TW is a network worm with backdoor functionality.

1/25: Haxdoor-D Trojan Opens Door

Backdoor.Haxdoor.D is a Trojan horse program that opens a back door on the compromised system and allows unauthorized access to a remote attacker.

1/25: Rbot-UH Worm Seeks Weak Passwords

W32/Rbot-UH is a worm with backdoor functionality.

1/25: Bobax-E Worm Uses LSASS Flaw

W32/Bobax-E is a Sasser-like Windows worm that uses the LSASS security vulnerability (MS04-011) to propagate.

1/25: Mydoom-AM Worm Mass Emails Itself

Several vendors issued have alerts for W32/MyDoom-AM, a mass-mailing and peer-to-peer worm that emails itself as an attachment to addresses found on the infected computer.

2005 -- A Year for New Security Policies

Many security guidelines are expected to be published this year, and our new columnist, Penny Klein, walks you through a few that should make security management that much easier.

1/24: Mydoom-AL a Mass-Mailing Worm

W32/MyDoom-AL is a mass mailing worm that also attempts to spread via ICQ.

1/24: Crowt-A Worm Logs Keystrokes

Some security vendors have issued alerts for W32.Crowt.A@mm, a mass-mailing worm that opens a back door, logs keystrokes, and emails itself to all addresses in the Microsoft Outlook Address Book.

1/24: Worm_Agobot-AGK Exploits Windows Flaws

Worm_Agobot-AGK takes advantage of Windows vulnerabilities.

1/24: Sdbot-TV Worm Lets Hackers In

W32/Sdbot-TV is a network worm that contains IRC backdoor Trojan functionality, allowing unauthorized remote access to the infected computer.

1/24: Nodmin Worm Alters Computer Settings

W32.Nodmin@mm is a mass-mailing worm that alters computer settings and spreads via file sharing networks.

1/24: Blatic-A Worm Takes Remote Commands

W32.Blatic.A is a worm that spreads through network shares and has back door functionality allowing it to receive commands from a remote attacker through IRC channels.

1/24: Berbew-O Trojan Steals Passwords

Backdoor.Berbew.O is a Trojan horse program that steals passwords from a compromised computer.

1/24: Salga-B Worm Uses Outlook to Mail Itself

W32.Salga.B@mm is a mass-mailing worm that uses Microsoft Outlook to send itself to all the email addresses that it finds in the Outlook Address Book.

1/24: Rbot-UE Worm Has Backdoor Functions

W32/Rbot-UE is a network worm with backdoor Trojan functionality for the Windows platform.

1/24: Ahker-B Worm Spreads Via Email

Worm_Ahker.B is a variant of the Ahker worm and is known to propagate via email.

1/21: Worm_Rbot-AIW Generates IP Addresses

Worm_Rbot-AIW is a memory-resident worm that propagates across networks by exploiting vulnerabilities.

1/21: Rbot-UD Worm Lets Attacker Issue Orders

W32/Rbot-UD is a member of the W32/Rbot family of network worms.

1/21: VBS.Swerun Virus Overwrites .VBS Files

VBS.Swerun is a VBScript virus that attempts to overwrite all .vbs files on all drives with a copy of itself.

1/21: Forbot-DS Worm Spreads Via Shares

W32/Forbot-DS is a network worm that attempts to spread via network shares.

1/21: Rbot-UC Worm Exploits Weak Passwords

W32/Rbot-UC is a network worm and IRC backdoor Trojan for the Windows platform.

1/21: Kassbot-A Worm Exploits Several Flaws

W32/Kassbot-A is a network worm with backdoor functionality.

New Worm Dupes Users with CNN Headlines

A new worm out in the Wild is duping users by posing as breaking news headlines.

1/21: Sdbot-TS Worm Has Backdoor Functions

W32/Sdbot-TS is a member of the Sdbot family of the network worms with backdoor functionality for the Windows platform.

1/20: Gaobot.batch Worms Drop in Variants

Worms belonging to the Gaobot family use several methods in order to spread to other computers.

1/20: Trojan.Tannick-B Monitors Sites Visited

Trojan.Tannick.B is a Trojan horse program that monitors Web sites visited and sends the information to a remote attacker.

1/20: PWSteal.Tarno-L Trojan Logs Information

PWSteal.Tarno.L is a password-stealing Trojan horse program that attempts to log information entered into web forms.

1/20: PWSteal.Formglieder a Trojan Horse

PWSteal.Formglieder is a Trojan horse program with keylogging capabilities that steals passwords for several banking web sites and web applications.

1/20: RemAdm-DWRC Detects Unwanted Apps

RemAdm-DWRC is a detection of application type for 'potentially unwanted applications.' It is not a virus.

1/20: Sdbot-TQ Worm Has Backdoor Functions

W32/Sdbot-TQ is a network worm with backdoor functionality for the Windows platform.

1/20: Forbot-DR Worm Exploits LSASS Flaw

W32/Forbot-DR is a network worm with backdoor Trojan functionality accessible via IRC.

1/20: Bropia Worm Spreads Via MSN Messenger

Several vendors have issued alerts for W32/Bropia.worm, which may spread via MSN Messenger.

It's Time IT Seriously Battles Spyware

Spyware has become a serious drag on productivity. Wiping it out and blocking new infections now is a major job for IT. Here are some steps to take.

1/20: Oddbob-C Worm Contacts Web Site

W32/Oddbob-C is a worm for the Windows platform.

1/19: Admincash Trojan Lowers Security

Downloader.Admincash is a Trojan horse program that infects the Explorer.exe file, lowers security settings in Windows, and downloads adware and dialers.

1/19: Rbot-TW Worm Has Backdoor Functions

W32/Rbot-TW is a worm with backdoor Trojan functionality.

1/19: Rbot-TV Worm Spreads to Remote Shares

W32/Rbot-TV is a worm that attempts to spread to remote network shares.

1/19: Wurmark-D Worm Searches for Addresses

Worm_Wurmark.D propagates via email by searching for target email addresses in files with certain file name extensions.

Industry Groups to Powwow on Spyware

A coalition of trade associations, including the NAI and DMA, will convene a discussion of spyware next week.

1/19: Kassbot-A Worm Exploits Several Flaws

W32/Kassbot-A is a network worm with backdoor functionality.

1/18: Zar Worm Sends Tsunami Email

W32/Zar@MM is a mass-mailing worm that spreads via Microsoft Outlook, by sending itself to all addresses found in the Global Address Book.

1/18: Mydoom-AE Worm Modifies Hosts File

Mydoom.AE is a worm that modifies the Hosts file, in order to prevent the user from accessing websites belonging to several antivirus companies.

Another Worm Hits Online Tsunami Relief

Launches DoS attack on German domain Web site.

1/18: Zar-A Worm Launches DoS Attack

Several vendors have issued alerts for Zar.A, a worm that attempts to launch DoS (Denial of Service) attacks against the website www.hacksector.de.

1/18: Rbot-TS Worm Spreads to Weak Shares

W32/Rbot-TS is a member of the W32/Rbot family of network worms.

1/18: Baba-C Worm Has Trojan Component

W32/Baba-C is a mass-mailing worm with a backdoor Trojan component.

1/18: Rbot-TQ Worm Spreads to Remote Shares

W32/Rbot-TQ is a worm that attempts to spread to remote network shares.

1/18: MyDoom-AA a Mass-Mailing Worm

W32/MyDoom-AA is a mass mailing worm that can also spread using popular peer-to-peer networking applications.

1/18: Forbot-DM Worm Exploits LSASS Flaw

W32/Forbot-DM is a network worm with backdoor Trojan functionality.

1/18: Multidr-BP a Trojan Dropper

Troj/Multidr-BP is a multicomponent Trojan dropper for the Windows platform.

1/18: Agobot-XB an IRC Trojan & Network Worm

W32/Agobot-XB is an IRC backdoor Trojan and network worm.

1/18: Anzae-A a Spanish Mass-Mail Worm

W32/Anzae-A is a Spanish mass-mailing worm.

1/18: VBS.Rowam-A Trojan Deletes Files

VBS.Rowam.A is a Trojan horse that attempts to delete files and perform various nuisance actions, including sending email to all addresses in the Microsoft Outlook address book.

1/18: Trojan.Netdepix-B Downloads File

Trojan.Netdepix.B is a Trojan horse program that attempts to exploit the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011) on randomly selected computers.

1/18: Lateda-B Trojan Executes Files

Backdoor.Lateda.B is a back door Trojan horse program that allows a remote attacker to download and execute files onto a compromised computer.

1/18: Mydoom-AI Worm Uses Own Engine

Some vendors have issued alerts for W32.Mydoom.AI@mm, a mass-mailing worm that uses its own SMTP engine to send itself to email addresses that it finds on a compromised computer.

1/18: Sdbot-TO Worm Runs in Background

W32/Sdbot-TO is a Windows worm that spreads via networks shares, drops files and contains backdoor functions that allow unauthorized remote access to the infected computer via IRC channels while running in the background.

1/18: IRC.Whisper-B Trojan Lets Attacker In

Backdoor.IRC.Whisper.B is a back door that allows an attacker unauthorized remote access to a compromised host through an IRC channel.

1/14 Abebot Trojan Lowers Security Settings

Backdoor.Abebot is a Trojan horse that opens a back door and lowers security settings on the compromised computer.

1/14: Mugly-E Worm Gathers Addresses

W32.Mugly.E@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the compromised computer.

1/14: Mugly-D Worm Drops in Randex Variant

W32.Mugly.D@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the compromised computer.

1/14: Mirsa-A Worm Spreads Via Email

Worm_Mirsa.A propagates via email.

1/14: Rbot-AGZ a Network Worm and Trojan

W32/Rbot-AGZ is a network worm and IRC backdoor Trojan for the Windows platform.

1/14: Baba-B a Mass-Mailing Worm

W32/Baba-B is a mass-mailing worm with a backdoor component.

1/14: Adw_Adroar-A an Adware Program

Adw_Adroar.A is an adware program that adds a Browser Helper Object (BHO) to automatically pop up advertisements from certain Web sites affiliated with AdRoar.com, which is an advertisement company.

1/14: Rbot-TL Worm Copies Itself to File

W32/Rbot-TL is a network worm and IRC backdoor Trojan for the Windows platform.

1/14: Mugly-F Worm Uses Own SMTP Engine

W32.Mugly.F@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the compromised computer.

1/14: Myfip-F Worm Uses Network Shares

W32/Myfip-F is a worm that spreads using network shares that are either unprotected or protected only by weak passwords.

Big Spam Bust, Texas Style

State files multi-million dollar lawsuit against two of nation's largest e-mail operators.

The Spam Reality/Show

If CAN-SPAM is a "miserable failure," then so is legislation that prohibits everything from murder to jaywalking. It's high time for another reality check, because marketers can't afford to be naive.

1/13: Ranky-Q Trojan Uses System as Proxy

Backdoor.Ranky.Q is a back door program that allows a compromised computer to be used as a covert proxy.

1/13: Globe a Proof-of-Concept Trojan

Backdoor.Globe is a proof-of-concept Trojan that exploits the Microsoft Windows LoadImage API Function Integer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-002).

1/13: Downloader-UA.b Exploits DRM Technology

Downloader-UA.b is a multimedia file that takes advantage of an exploit in the Digital Rights Management (DRM) technology in the Windows Media Player.

1/13: Buchon-C Worm Has Several Traits

Some vendors have issued alerts for W32/Buchon.c@MM, a mass-mailing worm.

1/13: Rbot-T Worm Allows Unauthorized Access

W32/Rbot-TF is a worm for the Windows platform that provides unauthorized remote access to the infected computer through an IRC channels.

1/13: Wurmark-E Worm Arrives As Zip Attachment

W32/Wurmark-E is a mass mailing worm which sends itself as a zip attachment to email addresses found on the infected computer.

1/13: Expl_Iconex-A an Animated Cursor File

Expl_Iconex.A is Trend Micro's detection for an animated cursor file (ANI) that exploits the Vulnerability in 'Cursor and Icon Format Handling Could Allow Remote Code Execution.'

1/13: Downloader-UA.a a Multimedia File

Downloader-UA.a is a multimedia file that takes advantage of an exploit in the Digital Rights Management (DRM) technology in the Windows Media Player.

1/13: Linkbot-H Worm Exploits LSASS Flaw

W32.Linkbot.H is a worm that exploits the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011) in order to propagate.

1/13: Agobot-AEK a Memory-Resident Worm

Worm_Agobot.AEK is a memory-resident worm that is another variant of the AGOBOT family that exploits the vulnerabilities discussed in Microsoft Security Bulletins.

Battling Spam with an Array of Weapons

Battling spam is no easy thing. It often takes more than one kind of tactic and more than one kind of weapon. Here's a look at the different multi-faceted approaches.

1/13: Sdbot-TG Worm Has Backdoor Ability

W32/Sdbot-TG is a worm with backdoor Trojan functionality.

1/12: PWSteal.Lineage Trojan Steals Password

PWSteal.Lineage is a password-stealing Trojan horse that attempts to steal the password to the 'Lineage' online game and send it to the creator of the Trojan.

1/12: W97M.Temha a Word 97 Macro Virus

W97M.Temha is a Word 97 macro virus that infects Microsoft Word documents and templates.

1/12: Kobot-B Worm Uses 3 Windows Flaws

W32.Kobot.B is a worm that spreads through open network shares, telnet, dameware, realserv, VNC, and niprint.

1/12: Bobax-D Worm Exploits LSASS Flaw

W32/Bobax-D is a Sasser-like worm that uses the MS04-011 (LSASS.exe) vulnerability to propagate.

1/12: Mugly-D Worm Drops IRC Backdoor

W32/Mugly.d@mm is an email worm is written in Visual Basic.

1/12: Forbot-DK Worm Runs in Background

W32/Forbot-DK is a network worm with backdoor functionality.

1/12: Buchon-C a Mass-Mailing Worm

W32/Buchon.c@MM is a mass-mailing worm.

Feds Hit Porn E-Mail Ring With Can Spam Law

Agency moves to shut down operations of porno spam ring operating out of Nevada, England and Latvia.

1/11: Sdbot-AJ Trojan Lets Attacker In

Backdoor.Sdbot.AJ is a network-aware worm with back door capabilities that spreads via network shares and allows a remote attacker to gain unauthorized access to the compromised computer.

1/11: Symbos_Vlasco-B Virus Hits Bluetooth

Symbos_Vlasco-B is a variant of Symbos_Vlasco.A and affects Series 60 mobile phones.

1/11: Symbos_Vlasco-C Virus Hits Phones

Symbos_Vlasco.C is Trend Micro's detection for files infected by Pe_Vlasco.A.

1/11: Lasco-A Worm Affects Cell Phones

Vendors have issued alerts for Lasco.A, a worm that only affects cellular phones that use the operating system Symbian.

1/11: Dimi Trojan Downloaded by Sober Worms

Trojan.Dimi is a Trojan horse that is downloaded by variants of the Sober family of worms. The Trojan may update the worm.

1/11: Agobot-OV Worm Connects to IRC Server

W32/Agobot-OV is a network worm with IRC backdoor functionality.

1/11: Rbot-TE Worm Runs in Background

W32/Rbot-TE is a worm that attempts to spread to remote network shares.

1/11: Wurmark-D a Mass-Mailing Worm

W32/Wurmark-D is a mass mailing worm that sends itself as a ZIP attachment to email addresses found on the infected computer.

1/11: WmvDown-A Trojan Installs Malware

WmvDown.A is a Trojan that downloads and installs malware in the affected computer.

Trojan Exploits Windows DRM

Video watchers may get an unexpected surprise from downloading from P2P.

1/11: WmvDown-B Trojan Targets Media Player

WmvDown.B is a Trojan that downloads and installs malware in the affected computer.

1/10: Spybot-HUR Worm Targets Bad Passwords

W32.Spybot.HUR is a worm that has distributed denial of service and back door capabilities.

1/10: Looked-B Worm Downloads File

W32.Looked.B is a worm that downloads a file and then infects .exe files.

1/10: Minit Trojan Creates a DLL

Trojan.Minit is a Trojan horse that creates a DLL, which will download and execute arbitrary code from a predetermined list of websites.

1/10: Gaobot.CKP Worm Lets Hackers In

Gaobot.CKP is a worm with backdoor characteristics that allows hackers to gain remote control over the affected computer and carry out actions such as command execution, download and execute files, log keystrokes, obtain different information on the computer, launch distributed denial of service (DDoS) attacks, etc.

1/10: Rbot-TD Worm Allows Unauthorized Access

W32/Rbot-TD is a worm that attempts to spread to remote network shares.

1/10: VBS/Mcon-G Worm Spreads Via IRC

VBS/Mcon-G is a worm that spreads via network shares and IRC channels.

1/10: Goldun Trojan Steals Users' E-Gold

Trojan.Goldun is a Trojan horse program that steals a user's authentication for e-gold.

1/10: Woned-A Worm Copies Itself to Folders

W32/Woned-A is a worm for the Windows platform.

1/10: Spybot-AAR Exploits Windows Flaws

Worm_Spybot.AAR is a worm that takes advantage of Windows vulnerabilities to propagate across networks.

1/10: Sdbot-SW Worm Spreads to Shares

W32/Sdbot-SW is a worm that attempts to spread to remote network shares.

1/10: Clicker-S a Memory-Resident Trojan

Troj_Clicker.S is a memory-resident Trojan that arrives in a system by being installed from a malicious Web site, or by being dropped by another malware.

1/10: Lnk_Acespades-A a File Infector

Lnk_Acespades.A is a file infector that arrives as an .LNK file.

1/7: XTS-B Trojan a Backdoor Server Program

Backdoor.XTS.B is a typical backdoor server program that allows a remote attacker to obtain unauthorized access to compromised systems.

1/7: Tjserv-C Trojan Opens Proxy Server

Backdoor.Tjserv.C is back door Trojan horse program that opens an HTTP and a SOCKS 5 proxy server on the compromised computer.

1/7: Agobot-ADH Worm Has Backdoor Ability

W32/Agobot-ADH is a network worm with backdoor functionality.

1/7: Trojan.Hako Sends ICQ Messages

Trojan.Hako is a Trojan horse program that sends ICQ messages with links to Web sites.

1/7: Tjserv-B Trojan a HTTP and SOCKSv5 Proxy

Backdoor.Tjserv.B is a HTTP and SOCKSv5 proxy.

1/7: Alets-B Trojan Gives Hacker Access

Backdoor.Alets.B is a back door Trojan horse program that allows a remote attacker to have unauthorized access to a compromised computer via IRC channels.

1/7: Rahack Worm Seeks Radmin Software

W32.Rahack is a worm that spreads to computers running Radmin software by exploiting weak passwords to connect to the Radmin server.

1/7: Sdbot-TB Worm Lets Hackers In Via IRC

W32/Sdbot-TB is a Windows network worm that contains backdoor functions that allow unauthorized remote access to the infected computer via IRC channels.

1/7: Feutel Trojan Downloads Files

Trojan.Feutel is a Trojan horse program that will hide its presence on the compromised system and download files from websites.

1/7: Symbox_Skulls.D Virus Hits Cell Phones

Symbos_Skulls.D is a variant of Symbos_Skulls and affects Nokia mobile phones with Series 60 Symbian operating system.

1/6: Agobot-OU Worm Has Trojan Ability

W32/Agobot-OU is a network worm with a backdoor Trojan component.

1/6: Rbot-SX Worm Spreads to Shares

W32/Rbot-SX is a Windows network worm that attempts to spread via network shares.

1/6: Trojan.Feutel Hides Its Presence

Trojan.Feutel is a Trojan horse program that will hide its presence on the compromised system and download files from websites.

1/6: Winxor-A Trojan Performs Remote Commands

Winxor.A is a backdoor that connects to an IRC server and waits for remote control commands, which will be performed on the affected computer.

1/6: Sdbot-SW Worm Spreads to Remote Shares

W32/Sdbot-SW is a worm that attempts to spread to remote network shares.

1/6: Troj/Corpse-A a Proxy Trojan

Troj/Corpse-A is a proxy Trojan.

1/6: Sdbot-TA a Network Worm, IRC Trojan

W32/Sdbot-TA is a network worm and IRC backdoor Trojan for the Windows platform which allows a remote intruder to access and control the computer via IRC channels.

1/6: Pikis-B Worm Comes as Attachment

W32/Pikis-B is a worm which spreads by emailing itself is an attachment to addresses harvested from the infected computer.

1/5: Santabot-A an IRC Backdoor Trojan

Troj/Santabot-A is an IRC backdoor Trojan that allows remote users access to the infected computer

1/5: Mirsa Virus Written in MSVB

W32/Mirsa@MM is a virus written in MSVB intended to propagate via email.

1/5: Rbot-SQ Worm Has Backdoor Abilities

W32/Rbot-SQ is a member of the W32/Rbot-Fam family of worms for the Windows platform with backdoor functionality.

1/5: Agobot-OT an IRC Trojan and Worm

W32/Agobot-OT is an IRC backdoor Trojan and network worm.

Is a Job in Security the Cure for Job Insecurity?

With IT professionals worried about the slack economy and the high number of jobs moving offshore, some analysts say the most secure position is one in the security arena.

Symantec, Veritas Leaders Tout Merger

CEOs discuss the strengths of a company offering security and back-up software to enterprise customers.

1/4: Forbot-DJ a Windows Network Worm

W32/Forbot-DJ is a Windows network worm that attempts to spread via network shares.

1/4: Sdbot-AI Worm/Trojan Lets Hackers In

Backdoor.Sdbot.AI is a network-aware worm with back door capabilities.

1/4: Puce-B a File Infecting Virus

W32/Puce-B is a file infecting virus.

1/4: Sdbot-SV Worm Spreads Via IRC

W32/Sdbot-SV is a member of the W32/Sdbot-Fam worm family with backdoor functionality via IRC channels.

1/4: Ranky-P Trojan Creates Covert Proxy

Backdoor.Ranky.P is a back door Trojan horse program that allows an infected computer to be used as a covert proxy.

1/4: Breacuk-E Worm Deletes Files

Breacuk.E is a worm that deletes files with an EXE, DLL, OCX and BMP extension, among others.

Spam King In Spyware Truce with FTC

Sanford Wallace agreed to only send ads to people who visit his companies' sites.

1/4: Trojan.Kility Disables Windows Function

Trojan.Kility is a Trojan horse program that disables the copy-and-paste function in Microsoft Windows.

1/4: Worm_Cellery-A Pops Out Game

Worm_Cellery.A is a worm that when run, pops out a Tetris-like game while playing a background music.

1/4: Asan-A Worm Hits Servers with phpBB

Asan.A is a worm that affects servers running a vulnerable version of the application phpBB that are already affected by the other worm, detected by Panda Software as PHP/Santy.A.worm.

1/3: Sdbot-SW Worm Hits Remote Shares

W32/Sdbot-SW is a worm that attempts to spread to remote network shares.

1/3: Hilin Worm Written in Visual Basic

W32/Hilin.worm is written in Visual Basic.

1/3: BeastDo-W Trojan Creates Hidden Threads

Troj/BeastDo-W is a backdoor Trojan for the Windows platform that creates several hidden threads within other processes that allow unauthorized remote access to the computer over a network.

1/3: Gift-C Worm Spreads Via Email

Worm_Gift.C propagates via email.

1/3: Zins Trojan Has Keylog Functions

Backdoor.Zins is a Trojan horse with keylogging functions for certain Internet banking Web sites.

E-Mail 2004: Year in Review and a Look Ahead to 2005

E-mail marketing saw more seismic changes in 2004 than ever before. A roundup of what happened and how it will affect e-mail in the coming year.

Security Firm Warns of IM Worm

Akonix says Chode-D is moving rapidly over public IM networks and could hijack users' computers.