Microsoft MSRT Releases Eight New Malware Families for H2-2008

Microsoft Security Intelligence Report (Edition 6) included 8 new families of malware to the list of MSRT in H2-2008. These families were added as the Microsoft researchers believed that these are or will be ubiquitous enough to rationalize their involvement in the list of MSRT New Families in H208. As per Microsoft, these families operate on several thousand systems around the globe every month.

Win32/Horst attacked around 235,318 systems during July 2008. The real motive of this family was to send spam. In general, the content of spam messages promoted online pharmacy retailers.

The report also informs that other tasks of the family are installing, malware circulation and mail account registration by CAPTCHA bypass. The malware has been circulating on the web since 2004 but it has now improved its functionalities.

Moreover, Win32/Matcash caused disorder on several thousand systems. This principally harmful application typically penetrates a system through unsure means and security exploits, which further ease the decisive installation of supplementary malevolent applications. The malware is capable of installing spyware, adware and other malware from various servers and sources on the web.

Microsoft researchers state that this nasty code was added in their list during August 2008 after it had caused havoc on almost 217,610 systems.

Win32/Slenfbot is one more malicious code included by Microsoft in their list of "New Families in H2-08" after the code targeted 598,178 systems during September 2008. Win32/Slenfbot is botnet software that supervises an Internet Relay Chat (IRC) for instructions, a method that has been employed by malware family.

After reports of infecting 183,858 systems during October 2008 by Win32/Rustock, Microsoft included it in the list. The malware is a multi-component family of rootkit enabled backdoor Trojans, which were traditionally designed to help in the circulation of spam mail.

Apart from the above mentioned, three families linked with rogue security software were included in the MSRT in H2-08 - Win32/FakeSecSen, included in November 2008, and Win32/FakeXPA and Win32/Yektel, included in December 2008. Jointly, these 3 families were responsible for infecting almost 2 Million systems in H2-08. Win32/Gimmiv is a new family of harmful Trojan that was include in Microsoft's list during November 2008.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 5/5/2009