Malware: Archive: February 2005

2/28: Conycspa-G Worm Executes Files

W32.Conycspa.G@mm is a mass mailing worm that downloads and executes files from the Internet.

2/28: Elitper-A Worm Uses MAPI

Some security vendors have issued alerts for W32.Elitper.A@mm, a mass-mailing worm that spreads using MAPI and through file-sharing networks.

2/28: Mytob Worm Harvests Addresses

W32.Mytob@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it retrieves from the Windows Address Book on the infected computer.

2/28: Trojan Lazar Downloads Programs

Trojan.Lazar is a downloader for other programs.

2/28: Agobot-QL Worm Lets Hackers In

W32/Agobot-QL is worm that attempts to spread to remote network shares.

2/28: PWSteal.Ldpinch-D Trojan Steals Info

PWSteal.Ldpinch.D is a Trojan horse program that attempts to steal information from an infected computer and send it to the author of the Trojan.

2/28: Mytob-B Worm Gathers Addresses

Some security vendors have issued alerts for W32.Mytob.B@mm, a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it gathers from the Windows Address Book on the compromised computer.

2/28: Mytob-A Worm Uses Own Engine

Some security vendors have issued alerts for Mytob.A, a worm with backdoor characteristics.

2/28: Rbot-UC a Worm and Trojan

W32/Rbot-UC is a network worm and IRC backdoor Trojan for the Windows platform.

2/28: Poebot-I Worm Usess Bad Passwords

W32/Poebot-I is a worm that attempts to spread to remote network shares with weak passwords.

2/28: Bropia-S Worm Uses MSN Messenger

W32/Bropia-S is a worm for the Windows platform that spreads using the MSN Messenger application.

2/28: MyDoom-BG Worm Has Backdoor

Some security vendors have issued alerts for W32/MyDoom-BG, a mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS (MS04-011) exploit.

2/28: Forbot-CW Worm Hits Remote Shares

W32/Forbot-CW is a worm that attempts to spread to remote network shares and computers vulnerable to common exploits.

2/28: Spybot-KHC Worm Has DoS Ability

W32.Spybot.KHC is a worm that has distributed denial of service and back door capabilities.

2/28: Holcas-A Worm Emails Itself Out

W32.Holcas.A@mm is a mass-mailing worm that uses MAPI commands to send itself to all addresses found in the Microsoft Outlook Address book.

2/28: Mytob-C Worm Gathers Addresses

W32.Mytob.C@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it gathers from the Windows Address Book on the compromised computer.

2/25: Looked-C Worm Downloads File

W32.Looked.C is a worm that downloads a remote file and infects .exe files

2/25: Derdero-E Worm Uses Own Engine

W32.Derdero.E@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses gathered from a compromised computer.

2/25: Spybot-KAI Worm Uses File Sharing

W32.Spybot.KAI is a worm that propagates through file sharing networks.

2/25: Kipis-O Worm Arrives as Attachment

Worm_Kipis.O arrives as an email attachment.

2/25: Kelvir-A an Instant Messaging Worm

W32/Kelvir-A is an instant messaging worm.

2/25: Randex-CST Worm Targets Passwords

W32.Randex.CST is a network aware worm that spreads to network shares protected by weak passwords.

2/25: Sdbot-VN Worm Has Trojan Functions

W32/Sdbot-VN is a network worm with backdoor Trojan functionality for the Windows platform.

2/25: Stang-B Worm Affects Windows

Stang.B is a worm that ends the processes LSASS.EXE and SVCHOST.EXE, which belong to the Windows operating system.

2/24: MyDoom-BD an Email Worm

W32/MyDoom-BD is an email worm for the Windows platform.

2/24: Codbot-Gen Worms Have Backdoor

W32/Codbot-Gen detects worms of the W32/Codbot family.

2/24: Stang Worm Lowers Security Settings

W32.Stang is a worm that spreads via Microsoft's MSN Messenger instant message program, and attempts to terminate processes and lower security settings.

2/24: Dloader-IE a Windows Trojan

Troj/Dloader-IE is a downloader Trojan for the Windows platform.

2/24: Agobot-QE a Backdoor Trojan & Worm

W32/Agobot-QE is a backdoor Trojan and worm that spreads to computers protected by weak passwords.

Microsoft Makes Security Pledge -- Again

You IT professionals can stop worrying now. Your security woes soon will be a thing of the past. Haven't we heard this before?

Forget Spam. Have You Been Spimmed?

IM's version of spam gains a toehold.

Claria Exec Joins DHS Privacy Committee

Controversial pop-up ad firm to be represented on panel advising in privacy issues.

2/23: Sdranck-A a Multi-Component Worm

W32/Sdranck-A is a multi-component network worm that uses a member of the W32/Sdbot family to spread.

2/23: Worm_Ahker-E Spreads Three Ways

Worm_Ahker-E propagates using three techniques to rapidly spread copies of itself to target victims.

2/23: Bobaxx-A Worm Exploits LSASS Flaw

Worm_Bobaxx.A is known to exploit the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.

2/23: Sumina Trojan Drops Malicious Files

Download.Sumina is a Trojan horse program that downloads malicious files from a predefined Web site and injects malicious code into clean processes.

2/23: Anicmoo-B a Downloader Trojan

Trojan.Anicmoo.B is a downloader Trojan that exploits the Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability (as described in the Microsoft Security Bulletin MS05-002).

IE Phishing Exploit Reported

Secunia rated the latest IE vulnerability less critical.

2/23: Domwis-G Worm Gives Away Access

W32/Domwis-G is a network worm with backdoor functionality for the Windows platform that allows a malicious user remote access to an infected computer.

2/23: Assiral-A Worm Modifies System Settings

Assiral.A is a worm that modifies the settings of the affected computer: it prevents users from accessing the Windows Registry Editor, the Run option in the Start menu and the command line.

2/23: Assiral Worm Mass-Mails Itself

W32.Assiral@mm is a mass-mailing worm that sends a copy of itself to email addresses gathered from a compromised computer.

2/23: Stang-A Worm Spreads Via MSN IM

Worm_Stang.A propagates through MSN Instant Messenger.

FBI: We're Not Infecting You

A new version of the Sober worm is believed to be behind e-mails that supposedly come from G-man servers.

2/23: Dremn Trojan Logs Keystrokes, Steals Info

Trojan.Dremn is a Trojan horse program that attempts to log keystrokes and steal information.

2/22: Bropia-P Worm Monitors Messenger Activity

Some security vendors have issued alerts for W32/Bropia-P, a worm for the Windows platform.

2/22: Trojan.Goldun-C Logs Keystrokes

Trojan.Goldun.C is a Trojan horse program that attempts to log keystrokes and steal account information entered into forms on the www.e-gold.com domain.

2/22: Sdbot-VL Worm Performs Backdoor Functions

W32/Sdbot-VL is a worm with backdoor functionality.

2/22: MyDoom-BF Worm Sends Mass Emails

W32/MyDoom.bf@MM is another variant of the W32/Mydoom worm and is similar to previous variants.

2/22: Backdoor.Berbew-Q Steals Passwords

Backdoor.Berbew.Q is a Trojan horse program that steals passwords from a compromised computer.

2/22: Dumaru-Y Detects MIME-Encoded Files

W32.Dumaru.Y@mm!enc is an .enc detection for MIME-encoded files that contain the W32.Dumaru.Y@mm worm.

2/21: Forbot-EG Worm OKs Remote Access

W32/Forbot-EG is a network worm that also contains IRC backdoor Trojan functionality, allowing unauthorized remote access to the infected computer.

2/21: Bropia-Q Worm Spreads Via IM

Like the earlier Bropia variants, Worm_Bropia-Q is a memory-resident worm that spreads copies of itself via MSN messenger, a popular instant messaging application, using attractive file names.

2/21: Derdero-B Worm Uses File Sharing

W32.Derdero.B@mm is a mass-mailing worm that uses its own SMTP engine to send an email to addresses that it gathers from the Windows Address Book.

2/21: Sober-K Worm Sends Emails in German

Several security vendors have issued alerts for W32/Sober-K, a mass-mailing worm that sends itself to addresses harvested from the infected computer.

2/21: Rbot-WF Worm Uses Weak Passwords

W32/Rbot-WF is a worm with backdoor Trojan functionality.

2/21: MyDoom-BE Worm Harvests Addresses

W32/Mydoom.be@MM is a variant of W32/Mydoom that is similar to previous variants.

2/21: Sober-M Worm Sends Foreign Emails

Sober.M is a worm that spreads via e-mail, in a message written in English or German.

2/21: MyDoom-BA Worm Uses SMTP Engine

W32.Mydoom.BA@mm is a mass-mailing worm that uses it own SMTP engine to send email to addresses that it gathers from the Windows Address Book on a compromised computer.

2/21: Derdero-C Worm Gathers Addresses

W32.Derdero.C@mm is a mass-mailing worm that uses its own SMTP engine to send an email to addresses that it gathers from the Windows Address Book.

2/21: Sober-I Worm Written in Visual Basic

W32/Sober.I@MM is a new variant of the Sober worm and is written in VB.

2/21: MyDoom-BC an Email Worm for Windows

W32/MyDoom-BC is an email worm for the Windows platform.

2/18: PE_Deadcode-A Infects All .EXE Files

PE_Deadcode.A infects all .EXE files (executable file) in the same folder where it has been executed in.

2/18: Assiral-A Worm Sends ''Love Letter''

W32/Assiral-A is a mass mailing worm that attempts to spread itself by sending emails with certain characteristics to addresses found in the victim's address book.

2/18: Bropia-R Worm Displays Pornography

Worm_Bropia.R, like the earlier Bropia variants, spreads copies of itself via MSN messenger, a popular instant messaging application.

Sybari: Enterprise Messaging Security with Smarts

What made Microsoft crack open the checkbook for Sybari? A look at their email and IM anti-virus technology provides some answers.

2/18: Trojan.StartPage-I Changes IE Front

Trojan.StartPage.I is a Trojan horse program that attempts to change the Internet Explorer home page and related registry keys.

2/18: Kipis-I an Email Windows Worm

W32/Kipis-I is an email worm for the Windows platform.

2/18: Poebot-H Worm Hits Remote Shares

W32/Poebot-H is a worm that attempts to spread to remote network shares with weak passwords.

2/18: MyDoom-AS Sends Itself As Attachment

W32/MyDoom-AS is a mass-mailing and peer-to-peer worm that emails itself as an attachment to addresses found on the infected computer.

2/18: Doxpar Worm Has DoS Capabilities

W32.Doxpar is a network-aware worm that has distributed denial of service and back door capabilities.

2/17: MyDoom-AX Worm Uses Own SMTP Engine

W32.Mydoom.AX@mm is a mass-mailing worm that uses it own SMTP engine to send email to addresses that it retrieves from the Windows Address Book on the infected computer.

2/17: MyDoom-AU Worm Spreads Via Email

Similar to earlier MyDoom variants, Worm_MyDoom.AU propagates via email messages.

2/17: Sdbot-SB Worm Has Backdoor Component

W32/Sdbot-SB is a member of the W32/Sdbot family of worms with a backdoor component.

MyDoom Back For More

The MyDoom virus is on the prowl again in a medium way.

2/17: MyDoom-AO Worm Targets Win 2003/XP/2000/NT

Security vendor Panda Software has issued a high threat alert for MyDoom.AO, a worm that affects Windows 2003/XP/2000/NT computers only.

2/17: MyDoom-BB Worm Downloads Trojan

W32/Mydoom.bb@mm is a variant W32/Mydoom of the Mydoom family of worms.

2/17: Poebot-A Worm Has Backdoor Functions

W32/Poebot-A is a network worm with backdoor Trojan functionality for the Windows platform.

2/17: Sdbot-VH Worm Targets Weak Passwords

W32/Sdbot-VH is a network worm with backdoor functionality for the Windows platform.

2/17: MyDoom-O an Email Worm

W32/MyDoom-O is an email worm.

2/17: Rbot-WB Worm Has Trojan Functions

W32/Rbot-WB is a worm with backdoor Trojan functionality.

2/17: Derdero-A Worm Grabs Email Addresses

W32.Derdero.A@mm is a mass-mailing worm that uses it own SMTP engine to send email to addresses that it retrieves from the Windows Address Book.

2/17: Bkdr_Surila-O a Backdoor Program

Bkdr_Surila.O is a memory-resident backdoor program that may arrive on a system as a downloaded file of Worm_MyDoom.BB.

2/16: Tabela-A Trojan Grabs Email Addresses

Trojan.Tabela.A is a Trojan that steals email addresses from the infected computer.

2/16: Lineage-D a Password-Stealing Trojan

Troj/Lineage-D is a password-stealing Trojan for the Windows platform.

2/16: Worm_Aimdes-C Spreads Via AIM

Like its predecessors, Worm_Aimdes.C is a new variant of the Aimdes family that propagates via AOL Instant Messenger (AIM).

2/16: Worm_Aimdes-B Sends File To IM Users

Similar to its predecessor, Worm_Aimdes.A, Worm_Aimdes.B propagates via AOL Instant Messenger (AIM).

2/16: Spyboter-A Trojan Opens Back Door

Backdoor.Spyboter.A is a Trojan horse program that opens a back door on the compromised computer and may be remotely controlled via IRC channels.

2/16: Spybot-JPB Worm Has DoS Ability

W32.Spybot.JPB is a network-aware worm that has distributed denial of service and back door capabilities.

2/16: Forbot-EC Worm OKs Remote Access

W32/Forbot-EC is a network worm with backdoor functionality for the Windows platform.

2/16: PurScan-V Trojan Downloads Adware

Troj/PurScan-V is a downloader for an advertising-related application.

2/16: Codbot-C a Backdoor Trojan

W32/Codbot-C is a backdoor Trojan containing functionality to spread via network shares.

2/16: Backdoor.Wortbot Allows Remote Access

Backdoor.Wortbot is a Trojan horse program that opens a back door and allows unauthorized remote access to a compromised computer.

2/16: Ahker-D Worm Uses MAPI to Send Itself

W32.Ahker.D@mm is a mass-mailing worm that uses MAPI to send a copy of itself to email addresses gathered from the compromised computer.

Microsoft May Bundle Up Protection

Redmond may be tying its existing security applications together.

2/16: Trojan.Anicmoo Exploits Windows Flaw

Trojan.Anicmoo is a downloader Trojan that exploits the Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability (as described in the Microsoft Security Bulletin MS05-002).

2/15: Codbot-B Backdoor Spreads Via Shares

W32/Codbot-B is a backdoor that contains functionality to spread via network shares.

2/15: Gaobot-CYX Worm Has Backdoor Traits

Gaobot.CYX is a worm with backdoor characteristics that belongs to the Gaobot worm family.

2/15: W97M.Lebani Virus Infects Word Docs

W97M.Lebani is a macro virus that infects Microsoft Word documents and the MS Word global template.

2/15: Trojan.Rplay-A Downloads Remote File

Trojan.Rplay.A is a Trojan horse that downloads a remote file and lowers security settings on a compromised computer.

2/15: W97M-MJ Macro Worm Uses mIRC

W97M.MJ is a macro worm that attempts to spread using mIRC, the Windows Internet Relay Chat (IRC) client.

2/15: Trojan.KillAVE-E Installs BHO

Trojan.KillAV.E is a Trojan horse that installs a Browser Helper Object (BHO) and disables security software.

2/15: Randex-COX a Network-Aware Worm

W32.Randex.COX is a network-aware worm that spreads to network shares protected by weak passwords.

Gates Outlines Microsoft Security Plans

Microsoft Chairman Bill Gates says a new version of Internet Explorer, along with a new anti-spyware technology, will continue his company's fight against phishers, spammers and virus writers.

Sentivist IPS Takes Datamation Security Award

NFR Security's Sentivist intrusion prevention system was the top choice among Datamation voters in the Product of the Year 2005 Enterprise Security category, turning back a strong bid by Digital Defense's Frontline 3.0.

2/14: Troj/LowZone-O Changes Browser Settings

Troj/LowZone-O is a Trojan that changes browser security settings and connects to pre-determined websites.

2/14: Sdbot-UZ Worm Has Backdoor Functions

W32/Sdbot-UZ is a network worm with backdoor Trojan functionality for the Windows platform.

2/14: Banker-EY Trojan Steals Web Information

Trojan_Banker.EY attempts to steal Internet banking account information, such as user names and passwords.

2/14: PWSteal.Bancos-P Trojan Steals Bank Info

PWSteal.Bancos.P is a Trojan horse program that logs keystrokes and steals information entered into certain banking Web sites.

2/14: PWSteal.Bancos-O Trojan Logs Keystrokes

PWSteal.Bancos.O is a Trojan horse program that logs keystrokes and steals information entered into certain banking Web sites.

2/14: Dopbot-A Worm A Acts as IRC Bot

Worm_Dopbot.A is the first variant of the WORM_DOPBOT family.

2/14: Aimdes-A Worm Spreads Via AOL IM

W32.Aimdes.A@mm is a simple worm that propagates via AOL Instant Messenger and email.

2/14: VBS/Mcon-G Worm Spreads Via Shares, IRC

VBS/Mcon-G is a worm that spreads via network shares and IRC channels.

2/14: Bropia-N Worm Spreads Via MSN IM

Trend Micro has received several reports of Worm_Bropia.N, a new worm spreading via instant messenger.

2/14: Mydoom-AM Worm Ends Security Processes

Mydoom.AM is a worm that ends processes belonging to certain security tools, such as several antivirus programs and firewalls.

2/11: Aimdes-A Worm Spreads Via IM

Worm_Aimdes.A is a memory-resident worm that propagates via AOL Instant Messenger (AIM) by sends a copy of itself to all available or online contacts in an affected user's Buddy List.

2/11: Agobot-PR an IRC Trojan, Worm

W32/Agobot-PR is an IRC backdoor Trojan and network worm.

2/11: MyDoom-AU Worm Uses SMTP Engine

W32.Mydoom.AU@mm is a mass-mailing worm that uses its own SMTP engine to send itself to email addresses that it gathers from a compromised computer.

2/11: PNGBO Detection For PNG Images

PNGBO is a generic detection for images in PNG format that attempt to exploit the Vulnerability in PNG processing.

2/11: Rbot-VT Worm Has Backdoor Ability

W32/Rbot-VT is a network worm with backdoor functionality for the Windows platform.

2/11: Rbot-TF Worm Lets Hackers In

W32/Rbot-TF is a worm for the Windows platform that provides unauthorized remote access to the infected computer through an IRC channels.

2/11: Spybank-A Dropped By Other Trojan

Troj_Spybank.A is a memory resident Trojan that is usually dropped by another Trojan, specifically TROJ_SMALL.WD as the file ASH.DLL in the Windows system folder.

2/11: Bropia-M Worm Uses MSN Messenger

Like the earlier Bropia variants, Worm_Bropia.M is a memory-resident worm that spreads copies of itself via MSN messenger, a popular instant messaging application, using attractive file names.

2/10: Backdoor.Netshadow a Backdoor Program

Backdoor.Netshadow is a back door program that allows a remote attacker to take control of the compromised computer.

2/10: Trojan.Eneles a Trojan Horse

Trojan.Eneles is a Trojan horse program that continuously displays a message box and copies itself to the A drive.

2/10: Mydoom-AS a Mass-Mailing Worm

W32.Mydoom.AS@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds on the compromised computer.

2/10: PWSteal.Bankas.A a Password-Stealing Trojan

PWSteal.Bankash.A is a password-stealing Trojan horse that attempts to log usernames and passwords from certain financial Web sites.

2/10: Agobot-PQ Worm Has Backdoor Functions

W32/Agobot-PQ is a network worm with backdoor functionality for the Windows platform.

2/10: Rbot-VQ Worm/Trojan Spreads Many Ways

W32/Rbot-VQ is a network worm and IRC backdoor Trojan for the Windows platform.

2/10: Kipis-J Worm Uses Own SMTP Engine

W32.Kipis.J@mm is a mass-mailing worm that that uses its own SMTP engine to send itself to the email addresses that it finds on an infected computer.

2/10: Sdbot-UW Worm Targets Weak Passwords

W32/Sdbot-UW is a worm with backdoor Trojan functionality.

2/9: MyDoom-AK Worm Turns Off Security

Mydoom.AK is a worm that ends processes belonging to several antivirus programs, firewalls and other security tools.

2/9: MyDoom-AR Mass-Mailing, P2P Worm

Several security vendors have issued alerts for W32/MyDoom-AR, a mass-mailing and peer-to-peer worm that emails itself as an attachment to addresses found on the infected computer.

2/9: Worm_Bropia-H Hits Via MSN Messenger

Worm_Bropia.H is a memory-resident worm that arrives via Microsoft Network (MSN) Messenger.

2/9: Bropia-J Worm Drops Itself in Folder

Worm_Bropia.J is a memory-resident worm that propagates via Microsoft Network (MSN) messenger.

2/9: Worm_Sdbot-Any Uses Network Shares

Worm_Sdbot.Any is a memory-resident worm that may arrive on a system as a dropped file of WORM_BROPIA.I.

2/9: Bropia-I Worm Drops Other Malware

Like the earlier BROPIA variants, Worm_Bropia.I is a memory-resident worm that spreads copies of itself via MSN Messenger, a popular chat application.

2/9: Rbot-ALO Worm and Trojan for Windows

W32/Rbot-ALO is a network worm and IRC backdoor Trojan for the Windows platform.

2/9: Bloodhound.Exploit.25 Detection for XP Flaw

Bloodhound.Exploit.25 is a heuristic detection for the Microsoft Office XP HTML Link Processing Remote Buffer Overflow Vulnerability (which is described in Microsoft Security Bulletin MS05-005).

SpamAssassin Takes Top Anti-Spam Honors

The non-profit Apache Software Foundation's free SpamAssassin filtering software was the runaway favorite among voters in the Anti-Spam category of this year's Datamation Product of the Year Awards.

2/8: Wallz Worm Exploits LSAS Flaw

W32.Wallz is a worm that attempts to exploit the Microsoft Windows Local Security Authority Service Remote Buffer Overflow (described in Microsoft Security Bulletin MS04-011).

2/8: Rbot-ALJ a Memory-Resident Worm

Worm_Rbot.ALJ is a memory-resident worm that may arrive from network shares.

2/8: Bropia-L Worm Spreads Via MSN Messenger

W32.Bropia.L is a worm that propagates using MSN Messenger and drops a variant of W32.Spybot.Worm.

2/8: Agobot-PN Worm Spreads to Network Shares

W32/Agobot-PN is a worm that attempts to spread to remote network shares.

2/8: Rbot-UC Worm/Trojan Spreads Many Ways

W32/Rbot-UC is a network worm and IRC backdoor Trojan for the Windows platform.

2/8: Chimo-A a Windows Trojan

Troj/Chimo-A is a Trojan for the Windows platform.

2/8: MyDoom-AR Worm Uses Own SMTP Engine

W32.Mydoom.AR@mm is a mass-mailing worm that that uses its own SMTP engine to send itself to the email addresses that it finds on an infected computer.

2/8: Sober-J Worm Harvest Email Addresses

W32/Sober-J is a variant of the W32/Sober mass-mailing worm family for the Windows platform that harvests email addresses from the infected computer's hard drive.

Microsoft AntiSpyware: Separated at Birth

Is Microsoft's AntiSpyware beta program enough to protect your company's PCs against the intrusion of threatening malware?

McAfee Girds For Microsoft Competition

President of anti-virus vendor says he's prepared to compete with Microsoft's purchase of AV vendor Sybari.

Microsoft to Buy Anti-Virus Vendor Sybari

2/8: Rbot-VO Worm Has Backdoor Functions

W32/Rbot-VO is a worm with backdoor Trojan functionality.

2/7: Baley-A Trojan Steals Information

The Baley-A Trojan uses a chat service to steal other users' passwords.

2/7: Rbot-VM Worm Records Keystrokes

The Rbot-VM worm not only records keystrokes, but lowers system security at the same time.

2/7: Agobot-PI Worm Changes Data

Sophos Inc. is updating its alert on the Agobot-PI worm, which is getting a medium-threat rating.

2/7: LegMir-Z Virus Downloads Code

The LegMir-Z virus, which has gained a medium-threat level, reduces system security.

2/7: Bropia-F Worm Uses MSN Messenger

The Bropia-F worm monitors the status of MSN Messenger and sends itself to the user's Messenger contacts.

2/7: Traxg-C is a Mass-Mailing Worm

The Traxg-C worm sends itself out to addresses found on the infected computer.

2/4: Shine-B Trojan Shuts Down Security

The Shine-B Trojan lowers system security and modifies data on the infected computer.

2/4: Ahker-B Worm Downloads Code

The Ahker-B worm affects Windows sytems, downloading code from the Internet.

2/4: Protorid-AB Worm Allows Remote Access

The Protorid-AB worm turns off anti-virus applications and allows remote access to the infected computer.

Spamhaus Accuses MCI of Hosting Spam Gangs

Spamhaus Project blasts ISP over hosting policy. MCI counters that it's not in the business of censoring Internet content.

2/3: Bropia-E Worm Installs Another Worm

Bropia.E is a worm that installs another worm, detected by Panda Software as W32/Gaobot.CTX.worm, on the affected computer.

2/3: Bropia-J Worm Drops Spybot Variant

W32.Bropia.J is a worm that propagates using MSN Messenger and drops a variant of W32.Spybot.Worm.

2/3: Bropia-G Worm Uses MSN Messenger

W32/Bropia.worm.g propagates through MSN messenger and drops a variant of W323/Sdbot.worm.gen.t worm.

2/3: Worm_Agobot-AJC Copies Itself

Worm_Agobot.AJC is a memory-resident worm that propagates itself via MSN Messenger by sending a copy of itself using different file names to all available or online contacts.

2/3: Bobax-H a Sasser-Like Worm

W32/Bobax-H is a mass-mailing Sasser-like worm that uses the MS04-011(LSASS.exe) vulnerability to propagate.

2/3: Rbot-VC Worm Gives Remote Access

W32/Rbot-VC is a member of the Rbot family of worms for the Windows platform that also contain backdoor functionality, allowing unauthorized remote access to the infected computer via IRC channels while running in the background as a service process.

2/3: Trojan.Comxt-B Downloads Remote Files

Trojan.Comxt.B is a Trojan horse program that downloads remote files.

2/3: Rbot-VD a Worm and a Trojan

W32/Rbot-VD is a network worm and IRC backdoor Trojan for the Windows platform that spreads using a variety of techniques.

2/3: Rbot-SQ Worm Has Backdoor Abilities

W32/Rbot-SQ is a member of the W32/Rbot-Fam family of worms for the Windows platform with backdoor functionality.

2/3: Worm_Agobot-AJD Drops Copies of Itself

Worm_Agobot.AJD spreads by dropping copies of itself in several network shared folders, using cached user names and passwords to gain access.

'Critical' Patches For Windows, Messenger on Deck

Monthly patch and fixes for February include flaws or vulnerabilities in Windows Media and Messenger.

2/3: Bropia-D An MSN Messenger Worm

W32/Bropia-D is an MSN Messenger worm for the Windows platform that spreads by sending itself to the MSN Messenger contacts.

Virus Poses as Saddam Hussein Death Photos

A worm is quickly spreading in the wild in an email that claims to have attached photos of Saddam Hussein killed in an escape attempt.

Virus Sign: Roast Chicken with a Bikini Line

If your MSN Messenger displays a picture of a roast chicken with a bikini tan line, your computer is infected.

2/2: Steal.Sagic-B Trojan Steals Yahoo Info

PWSteal.Sagic.B is a Trojan horse program that attempts to steal Yahoo! Instant Messenger passwords and information about the infected computer.

2/2: Sdbot-UN Worm Has Backdoor Functions

W32/Sdbot-UN is a worm with backdoor functionality.

2/2: Symbos_Locknut-B Hits Mobile Devices

Symbos_Locknut.B is Symbian malware that can infect mobile devices running the Symbian 7.0s Operating System and can propagate via Bluetooth.

2/2: SymbOS.Locknut Trojan Crashes Devices

SymbOS.Locknut is a Trojan horse program that uses a vulnerability to cause devices running Symbian OS v7.0 to crash.

2/2: Symbos_Locknut-A Hits Symbian Devices

Some security vendors have issued alerts for Symbos_Locknut.A, Symbian malware that can infect mobile devices running Symbian OS v7.0s but does not propagate.

Phishers Focusing in on New Targets

No longer satisfied with running banking scams, phishers are focusing their sights on the health care industry and utilities in their ever-expanding attempts to rip off users.

Popular Blog Defaced

Flaw in log analysis software led to attack of blogger Jeremy Zawodny's site.

2/2: Rbot-VD Worm/Trojan Spreading

W32/Rbot-VD is a network worm and IRC backdoor Trojan for the Windows platform.

2/1: Mydoom-AO Worm Uses Own SMTP Engine

W32.Mydoom.AO@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds on the compromised computer.

2/1: Bobax-F a Sasser-Like Worm

W32/Bobax-F is a Sasser-like worm that uses the MS04-011 (LSASS.exe) vulnerability to propagate.

2/1: Symbos_Gavno-B is Symbian Malware

Symbos_Gavno.B is Symbian malware that can infect mobile devices running Symbian 7.0 Operating System and can propagate via Bluetooth.

2/1: Agobot-PI Worm Hits Weak Passwords

W32/Agobot-PI is a network worm with backdoor functionality for the Windows platform.

2/1: Trojan Banito-E Has Keylogging Functions

Troj/Banito-E is a backdoor Trojan with keylogging functionality.

Zafi-D Worm Tops January Virus Charts

For the second month in a row, the Zafi-D worm took the top spot in the Top 10 ranking of the worst malware in the Wild.

2/1: Worm_Pinom-C Modifies Windows Registry

Worm_Pinom.C is a new variant of the backdoor detected by Trend Micro as BKDR_IRCBOT.GEN.

2/1: Symbos_Gavno-A Infects Mobile Devices

Symbos_Gavno.A is Symbian malware that can infect mobile devices running Symbian 7.0 Operating System.