Symantec Discovers New PC Virus W32.Sapaq

The security company 'Symantec' on June 12, 2009 detected a freshly released computer virus named 'W32.Sapaq' that multiplies automatically and spreads infection to other PCs through computer networks even without the slightest user-participation.

The company's researchers state that normally viruses are generated devoid of any aim to change the settings on the infected PC as their only purpose is to proliferate. However, the new virus develops every day, with its 'payload' integrated inside its code.

Due to this kind of integration, viruses having payloads are so created that they do things beyond mere proliferation. Accordingly, they plant backdoors that allow a Trojan horse to infect systems and results in file encryption within an attack that performs cryptoviral extortion. Besides, they assist in transmission of the host computer's sensitive data through e-mail to a previously arranged designation e-mail within the code of the viruses.

In certain instances, the payload of the virus relates to a program that erases data files from the host PC or turns the infected PC into a "zombie" computer.

This 'zombie' subsequently allows the virus' progenitor to acquire control over the infected computer and its data files. Again due to this nature of the virus and the malware's potentially 'zombie' payload, the contaminated systems are frequently utilized as botnet PCs for sending junk or spam mails.

Meanwhile, the W32.Sapaq virus infects Microsoft's Windows operating system such as Windows 95, 98, 2000, ME, NT, XP, Server 2003 and Vista.

The malicious program's estimated size varies approximately between 81,439 and 81,463 bytes. Additionally, although Symantec has rated the virus as a "low" risk program, it could well pass off as a moderate threat due to the nature of its payload. The virus, alongside erasing files on the host machine craftily, creates other new files that could allow it to be called a moderate threat.

The security analysts from Symantec thus recommend that users should deactivate System Restore in Windows XP/ME to remain safe from becoming a victim of W32.Sapaq. Users should make their antivirus software up-to-date and then perform a comprehensive scan on their systems.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 01-07-2009

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial