Monday, April 23, 2007

Ymeak Worm: the Masquerade

BitDefender virus analysts warn users of P2P networks of a new threat.
The Ymeak.A worm has been spreading like wildfire, in part due to a
simple yet effective social engineering technique: it masquerades as
an installer executable of some popular program.

When it is first run, the worm displays a message ('The setup file is
corrupted') to lull the user into a false sense of security. It then
proceeds to download and install the RBot trojan. Once this is done,
the trojan begins to spread itself from the victim's computer under a
new name, using any of five file-sharing networks (Limewire, Shareaza,
Bearshare, Morpheus or Morpheus Ultra) as a vector.

"The bit of evil genius here is that the name for each new copy of the
worm is chosen at random from certain torrent and direct download
sites. This way, the worm will always have an attractive name, so
people will attempt to download and run it," declared Viorel Canja,
Head of Antivirus Lab for BitDefender.

BitDefender users are not at risk and should let BitDefender antivirus
disinfect the infected files (if any are found).
