Brought to you by my friend
Rich Morris
Owner/Administrator
http://www.trafficheroes.com/index.php?referer=leroya2424a
The Nabload.COQ Trojan spreads through mails
that trick users into watching a YouTube video that parodies the
confrontation
between the King of Spain and the Venezuelan
president, Hugo Chavez, during the latest Latin American summit.
When users click the link, they introduce a copy of the
malware on their computer.
To fool users, the Trojan
displays a YouTube video while downloading malware onto the
system (the Banbra.FCK Trojan or the Banker.JSA worm).
The second malicious code captures the access credentials
of specific online banks;
when users try to visit the bank's
legitimate site,
it displays a spoof web page and sends
the passwords entered by users to malware creators.
Banker.JSA can also spread through instant messaging
programs.
To do so, it sends a message to all the infected user's
MSN Messenger contacts,
with a link and text such as:
"vistes las fotos que se sacaron los chicos?" and "sabes de que
se trata esto?".
When users click on the link, they
download a copy of the worm on the system.
Banker.JSA is also designed to copy itself onto P2P program
folders
using names such as, "Call_Of_Duty_2_" or
"The_Sims_Deluxe_" and spread through the network.
The Wallpaper.C Trojan, however, reaches computers with a
Windows folder icon.
It makes several copies of itself on
the computer, and creates several new entries in the Windows
Registry.
One of the registries allows it to run with every
system restart,
whilst others allow it to conceal the
Search option in the Start menu, the Folder options and other
system applications.
Wallpaper.C replaces the system screen background for a new
one with a picture of animals.
MSNWorm.BB spreads by sending a message with a link to the
infected user's MSN Messenger contacts.
When users click on
the link, they download a copy of the worm onto their
computer.
Instant messaging has become one of the main sources of
malware distribution.
Cyber-crooks know that these
applications are becoming increasingly popular
and are therefore
useful for reaching a large number of people.
To avoid being
infected, users are advised to type addresses directly into
the browser bar instead of clicking on links.
|
