PDA

View Full Version : New worm discovered



SP8's
11-09-2010, 09:13 AM
Cut & Pasted from Yahoo News this morning .... link provided underneath and have a look at the comments .... not a lot of information provided/


A cunning new piece of rogue software is infecting computers, and travelling via the Internet.

Security firm Symantec has been tracking the malicious virus, which encourages users to click on a link sent by email.

The company says the worm can disable antivirus software, and replicate onto other computers on a network making them susceptible to other kinds of threat.

It says the bug has already started popping up on computers in New Zealand.

A cunning new piece of rogue software is infecting computers, and travelling via the Internet.

Security firm Symantec has been tracking the malicious virus, which encourages users to click on a link sent by email.

The company says the worm can disable antivirus software, and replicate onto other computers on a network making them susceptible to other kinds of threat.

It says the bug has already started popping up on computers in New Zealand.

A cunning new piece of rogue software is infecting computers, and travelling via the Internet.

Security firm Symantec has been tracking the malicious virus, which encourages users to click on a link sent by email.

The company says the worm can disable antivirus software, and replicate onto other computers on a network making them susceptible to other kinds of threat.

It says the bug has already started popping up on computers in New Zealand.

http://nz.news.yahoo.com/a/-/newshome/7922870/warning-over-new-computer-virus/

PENTIUM
11-09-2010, 12:15 PM
Yeh, right. No name too!

Speedy Gonzales
11-09-2010, 12:19 PM
Its got a name (http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10672646)

wainuitech
11-09-2010, 12:34 PM
The emails provide a link to a website purporting to offer shared PDF documents or movie files but which actually execute the virus when clicked upon.

Once activated, the worm attempts to send the email on to all of the contacts in a recipient's address bookOldest trick in the book for Viruses. Any good AV will delete it when it arrives.

The clever ones actually will activate if it gets past the AV to start with, as soon as the person selects the email to read or delete, no links need to be clicked.

fred_fish
11-09-2010, 12:59 PM
Oldest trick in the book for Viruses. Any good AV will delete it when it arrives.

The clever ones actually will activate if it gets past the AV to start with, as soon as the person selects the email to read or delete, no links need to be clicked.

But a retarded mail app needs to be used...

wainuitech
11-09-2010, 01:18 PM
Doesn't matter what mail app is used, and GOOD AV will pick up the infected mail and not allow it to come through.

fred_fish
11-09-2010, 01:22 PM
What?
How can you get infected by viewing text?
The only way is if the mail client executes code in the said email, and only retarded mail clients are designed that way.

Oh, OK, you mean the ones that use IE to render html... well what do you expect.

wainuitech
11-09-2010, 01:26 PM
There was a few viruses that were about not so long ago, that as soon as the infected email was selected, weather it be to read or to delete, it activated and did its "thing", you didn't have to click on any links as per this "new one".

Most good AV's picked it up when it was being downloaded, but AVG for one never caught it.

As for the html -- yep, but the majority of peoples email clients are set to read html anyway, not just plain text.

Speedy Gonzales
11-09-2010, 01:33 PM
Its probably the person's fault for being nosy, and clicking on it, in the 1st place.

If you dont know what it is, delete it or add the email if its got one to a spam filter. Thats one reason I use a program to tell me email has arrived. It shows the title thats it. If I dont know who its from, I can delete it. Without opening up an email program

fred_fish
11-09-2010, 01:40 PM
There was a few viruses that were about not so long ago, that as soon as the infected email was selected, weather it be to read or to delete, it activated and did its "thing", you didn't have to click on any links as per this "new one".
Well they don't activate by magic. The code needs to be executed. If the mail client is executing code it finds in emails without you telling it to, it is badly designed and has no place being on a modern PC.

wainuitech
11-09-2010, 02:17 PM
Well they don't activate by magic. The code needs to be executed. If the mail client is executing code it finds in emails without you telling it to, it is badly designed and has no place being on a modern PC. Fair enough comments -- I have seen that particular infected mail that activates simply by highlighting the mail on the following:

Outlook Express
Outlook (Pre 2007)
Thunderbird


As per speedy -- I use and suggest to customers - Mailwasher - it looks at the mails on the server, and you can delete which ones you want even before they can be downloaded.