Weekly report on viruses and intruders

Mar 21, 2005 Channel Talk Comments (0)

In this weeks report on viruses and intruders we will be looking at three worms, Tobecho.A, Mytob.E; and Elitper.D.

Tobecho.A is a worm with some backdoor Trojan characteristics, as it listens for remote instructions through a TCP/IP port. These can be instructions to restart the system, download files, steal information from the compromised computer, etc. When it runs, it displays a false run-time error message.

Tobecho.A spreads via email, in a message that simulates a mail delivery error message and through the MSN Messenger program.

This worm also prevents users and the applications running on the computer from accessing the websites of certain antivirus and security companies. It also terminates certain processes including those belonging to variants of Netsky, Bagle and Blaster. Finally, Tobecho.A alters the settings of the affected computer and prevents users from accessing the Windows Registry Editor, as well as disabling remote administration of the computers passwords.

The second worm in this report is Mytob.E, which spreads via email. The message received by users try to trick them into thinking that they contain an interesting application (images, etc.). When users run the attachment, the computer will be infected.

To send itself to other users, Mytob.E looks for email addresses in files with extensions like HTM, HTML, TXT, etc.

The last interesting malicious code in this report is Elitper.D. It uses P2P file sharing programs, getting users to voluntarily download one of the files created by Elitper.D, thinking that it is some kind of interesting file, films , images, etc., when really they are downloading a copy of the worm onto their computer.

About PandaLabs
On receiving a possibly infected file, Panda Software's technical staff get straight down to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users. For more information: http://www.pandasoftware.com/virus_info/

Add a Comment

No messages on this article yet

Other Resources

IT Reseller

Established since 1997, IT Reseller is the industry-leading journal for the channel, dedicated to providing cutting-edge news and advice on a wide variety of vertical technology sectors. The editorial comprises exclusive reports on technological and market trends, together with contributions by leading solutions vendors and research analysts; helping resellers, VARs, systems integrators and distributors to secure a competitive edge by running their business more efficiently and more profitably. Regular technology themes include: Automatic Data Capture, RFID, Convergence Technology/Comms, Cloud Computing, Printing & Labelling, Document Management, Networking and UPS.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter

Find us on Social Networks

Useful links

Weekly report on viruses and intruders

Add a Comment

Related Channel Talk Articles

How to contact us

Other Resources

IT Reseller

Find us on Social Networks

Useful links

Channel News

Technologies

Verticals

Weekly report on viruses and intruders

Add a Comment

Related Channel Talk Articles

Let the news come to you!

How to contact us

Other Resources

IT Reseller