Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Kaspersky Lab Discovers New Kido’s Variants

According to Kaspersky Lab, a relatively new computer worm called Kido is already displaying changes in the way its Trojan component works as compared to its earlier versions.

Some variants of the virus are identified as Net-Worm.Win32.Kido.iq and Net-Worm.Win32.Kido.ip. The main function of the latest variant is that it generates a remarkably large number of distinct domain names with which it downloads regular updates. Thus, the virus' new version produced and contacted 50,000 malicious data compared to 250 produced and contacted by the earlier versions.

Vietnam branch of Kaspersky Lab states that the first variant of the new virus made a serious impact on businesses in Vietnam as it deactivated feature-recovery arrangement, prevented access to protected websites and installed malware on an infected computer. Besides, the virus spreads very fast as well as is extremely difficult to annihilate.

Meanwhile, to detect the virus' infection, Kaspersky Lab has provided some clues to users, which can help them to identify when they are hit by the worm.

The company says that when files like RECYCLED\{SID<...>}\RANDOM_NAME.vmx and autorun.inf appear on USB flashes or within the local computer network, it means that there is a Kido infection. Further, the worm saves itself on the target computer as a 'Dynamic-link library' (DLL) file that may appear as c:\windows\system32\zorizr.dll, said Kaspersky.

Moreover, the security specialists state that the malware registers itself within system services using any name, for instance 'knqdgsm', and finally attempts to strike the PC through the network access point.

Thus, to remain protected from it, Kaspersky suggests that users should deploy the relevant security updates for their computers' operating system along with antivirus software with up-to-date signatures.

In addition, the specialists said that Kido first emerged on January 2, 2009 and since then, over 9 Million computers worldwide have been found affected with its infection. Also, since then, many security companies have been constantly tracing the roots of the virus and reporting its variants and the extent of their threat. Meanwhile, Kaspersky's analysis shows that the virus is mutating and rising in number.

Related article: Kaspersky Released Malware Statistics for September 2008

» SPAMfighter News - 3/24/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page