The email appears to contain various subject lines, body-texts and attachment names, based on copies that MessageLabs has stopped. Naith attempts to disable certain security software, such as anti-virus or firewall products.
The program additionally launches a Web browser that opens the Avril Lavigne Web site. For more information about how widespread the virus is visit this MessageLabs site.
Also Known As Lirva
F-Secure is calling the same virus Lirva, with the aliases W32/Lirva.B, W32.Avril.A, W32. Naith.A, Avril and Avron. The mobile enterprise security services provider is ranking the virus as a level 2 alert, meaning it is causing large infections.
Lirva is a mass-mailing worm that uses several methods to spread including email, ICQ, Kazaa and mIRC and tries to spread through open shared Windows network drives.
Like MessageLabs, F-Secure has found Lirva has the functionality to disable several antivirus and security applications if it notices their presence. If the worm is active in the system it tries to steal passwords and then send them to an external email address.
Find out more here.
Backdoor.Drator No Big Threat
The Backdoor.Drator backdoor Trojan copies itself to the %Windir% folder and allows unauthorized access to the infected computer. The good news is the threat assessment is low, and removal of the trojan horse is easy, according to Symantec.
Systems not affected are Macintosh, OS/2, UNIX and Linux. Read technical details here.
Low-Level Worm
Panda Software is reporting the appearance today of the ExplorezipN worm. However, the threat level is considered very low.
For more information, check here.
Trend Micro, ISTS: Coast is Clear
Trend Micro and the Institute for Security Technology Studies (ISTS) at Dartmouth College are reporting no medium or high risk alerts Wednesday.
Loading Comments...