About us | Advertising | SecurityWatch
Home   Articles   Blog   Reviews   Press Releases   Security Tools   Sponsored Solutions
Press Releases
A new instant messaging worm could allow hackers to take control of computers, reports Panda Software
Thursday, 19 May 2005 20:17 EST

PandaLabs has reported the appearance of a new example of malware, Oscarbot.F, a worm that could allow a malicious user to take action on the infected computer, and which is designed for AOL Instant Messenger (AIM), a popular instant messaging application, especially in the United States. Panda Software's TruPreventTM Technologies have managed to block and eliminate this worm without having previously identified it.

This new variant of the Oscarbot family of worms, has ‘bot’ functions, executing orders that it receives from a remote user. Once installed on a computer, this malware creates a copy of itself in the Windows system folder, and edits certain registry keys to ensure that it is run as a service when the system starts up.

“The propagation of this worm follows the typical modus operandi of malware associated with instant messaging programs: once there is a connection to the Internet, it sends a message to all contacts connected to the affected computer containing a hyperlink, and from which a copy of the worm itself is downloaded or even other malware,” explains Luis Corrons, director of PandaLabs. However, in this case, propagation depends on remote orders: when the worm is run it connects to an IRC server where it receives commands ranging from the downloading and execution of files to propagation using AIM”.

This new variant confirms the increasing use made by malware creators of new forms of communication, such as instant messaging. Other examples, about which Panda Software has previously reported, include Bropia and Kelvir both of which have numerous variants. In this case, there would appear to be a dual motive for this malware, as with Bot functions. the distribution of Oscarbot.F. can contribute towards construction of ‘botnets’ which have numerous aims (typically sending spam, attacks on other machines, or downloading other malware), and through which the creators of the malicious code can obtain financial benefits.

To prevent infection by Oscarbot.F or any other malicious code, Panda Software advises all users to keep their antivirus software up-to-date. Panda Software has already made the corresponding updates to detect and eliminate this new malicious code available to clients.

Panda Software’s clients can already access the updates for installing the new TruPrevent™ Technologies along with their antivirus protection, providing a preventive layer of protection against new malware. For users with a different antivirus program installed, Panda TruPrevent™ Personal is the perfect solution, as it is both compatible with and complements these products, providing a second layer of preventive protection that acts while the new virus is still being studied and the corresponding update is incorporated into traditional antivirus programs, decreasing the risk of infection.

Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software's website (http://www.pandasoftware.com/about/subscriptions/) and complete the corresponding form.

Featured Articles

VoIP Telephony: Benefits for Businesses
Voice-over-Internet Protocol, or VoIP service, has been talked about for a number of years but is now being adopted by mainstream businesses in order to save money as well as deploy powerful new capabilities for end-users.

Review: SmartLine DeviceLock
Businesses have spent millions protecting their corporate email and gateway servers from a vast range of security threats such as, malware and identity theft and data loss. But with USB memory, portable storage and media devices, IT professionals take no steps to monitor the usage of these devices, therefore ignoring the threat of internal security breaches at the network end-points.

Unified Threat Management will make IT Security Easier
Suddenly IT security has got far more complex. After all, a few years ago we were mostly worrying about spam. Now we can’t be sure what is going to hit us next after recent outbreaks of phishing, pharming and spyware.
Scan all company email for viruses, Trojans and worms with 4 virus engines, all in one package - GFI MailSecurity for Exchange/SMTP! Download your free 60-day trial today!

Check your website security with Acunetix Web Vulnerability Scanner. Audit your web applications for SQL injection, cross site scripting & more. Download trial!

Network Security Tools

Proactive Security Auditor
Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and and Windows Server 2003-based systems administrators to identify and close security holes in their networks.


File Securer
File Securer is a powerful tool designed to protect your sensitive folder and personal file. With strong security, File Securer embeds the protect into windows system kernel, both on command mode and window mode, all work professionally.


Fiaif
FIAIF is an Intelligent Firewall. It provides a highly customizable script for setting up an iptables-based firewall.




What's up, IT? Blog

Uncovering Cyber Flaws
State of the security mart
When the hardware gets smart
Security for SMBs
Four Security Resolutions For The New Year
Symantec Readies Urgent Patch
Exploit Targets New phpBB Security Hole
VMWare: Virtual Machine Security Flaw 'Very Serious'
Writing Better Passwords
Microsoft, Tier 1 to Compete with Google-AOL

Copyright © IT-Observer.com 2000 - 2005    Privacy Policy | RSS Feeds
Site Meter