Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Sophos Discovers New Malware ‘True Love’

CheeHui, Security Analyst, SophosLabs, states that AU W32/AutoRun-AOG is a system worm that tries to proliferate to network shared devices using the name "True_Love.exe", as per the news by SOPHOS.COM on August 14, 2009.

The worm then attempts to copy itself to detachable shared devices like 'MsRun32.exe' and creates the file AUTORUN.INF on the detachable drive. The file AUTORUN.INF is made to operate the worm when the drive is joined to an uninfected system. CheeHui states in his blog post that Sophos detects the file AUTORUN.INF as Mal/AutoInf-A.

Besides other harmful activities performed by this worm, it also sends messages to the friends of the victim on Yahoo Messenger. These messages are finely written and packaged with an attached URL link that hosts malware. The message itself is very tempting and encourages the recipient to click on the attached mail link.

A few examples quoted by CheeHui as useful illustrations to comprehend the character of the messages sent by this harmful system worm in his blog pot include: "Ha ha ha click on link to laugh ..." "see this comedy joke click on this link" and "nice to listen .........."

CheeHui states that W32/AutoRun-AOG also spoils the Windows Task Manager of the infected system; prevents the access to registry of Windows, protects any process associated with the command and continues to muddle up registry settings which include adding functionality to make sure that the worm is being operated upon the next login.

Because of the wicked activities that can be carried out by this harmful computer worm, CheeHui suggests web users to be cautious of true love, chiefly one that is being divided liberally, claiming that one may never know when his system gets infected.

Actually, it is not only CheeHui of Sophos who has found a yet another AutoRun type. Security experts at Trend Micro state that MAL_OTORUN1 and MAL_OTORUN2 are two variants of MAL_OTORUN that bears characteristics and features identical to PC worms that abuse Autorun flaws in the Windows running system.

Related article: Spike in Attacks Causes Early Release of Windows Patch

» SPAMfighter News - 8/29/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Press Releases - IT Security News

Go back to previous page
Next
-->

Products

SPAMfighter
SLOW-PCfighter
FULL-DISKfighter
DRIVERfighter
VIRUSfighter
SPYWAREfighter
Anti spam / Anti virus business solutions

About

Company
Contact us
Press room
Support
Blog
Sign up for newsletters

Partnerships

Become a partner
Become a reseller
Find a reseller
Become an affiliate
White Label Software

Social media

Facebook
Twitter
Youtube
LinkedIn
© SPAMfighter 2003-2024    All rights reserved.    Privacy Statement    Sitemap