CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

Dangerous Stration Worm Spreads Critically Fast   Logged in as: Guest
Viewers: 606 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Security News >> Dangerous Stration Worm Spreads Critically Fast Page: [1]
Login
Message << Older Topic   Newer Topic >>
Dangerous Stration Worm Spreads Critically Fast - 10/25/2006 3:52:16 PM   
cadoo


Posts: 6810
Joined: 8/1/2006
From: Serbia
Status: offline
The extremely quickly spreading worm uses not only mass-mailing but also spreads via contacts in ICQ. It can also threaten functioning of security application in user's computer.

Right now the Internet is exposed to one of the biggest virus outbreaks of last months - Win32/Stration. ESET strongly recommends to all computer users to be at alert while working with the Internet. "The worm is able to send an ICQ message to your friend that would look like a message from you. Therefore it is necessary to be at alert when working with IM clients," says Juraj Malcho, Eset's virus analyst. There is a link in infected ICQ message and by clicking on it, Stration worm installs to the computer. Malcho adds that this method is on the decline.

At present the worm spreads mostly via e-mail. On the user's computer it searches the addresses where it sends itself. According to ThreatSense.Net, Eset's monitoring system, e-mails with these subjects can be infected:

Error, Good day, Hello, Mail Delivery System, Mail server report, Mail Transaction Failed, Picture, Server Report, Status, test

E-mail attachement is an executable file or ZIP archive. The attachement is often named on the basis of Update-KB-abcd-x86 scheme, where "abcd" can be a variable number. After opening the attachement the presence of the worm can be indicated by popping up a message about successful Windows update installation. "Last 24 hours we have registered every seventh e-mail as infected by Stration," says Juraj Malcho. Therefore ESET strongly recomends not to open attachements in spams or e-mails from unknown senders.

Another particularity of this worm is turning off the security applications, including ESET NOD32 Antivirus. Unlike other antivirus systems that do not inform their users about Stration's attack, ESET NOD32 pops up a warning window. Updated NOD32 is imune against Stration since virus signature database version 1.1816. This is due to ThreatSense heuristic technology able to identify and clean even its eventual mutations. Now there are dozens of them and new ones are still coming.


_____________________________


http://www.cdrinfo.com/
Post #: 1
Page:   [1]
All Forums >> [News Around The Web] >> Security News >> Dangerous Stration Worm Spreads Critically Fast Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.016