Aurelija - Worm.Mefir Could be an E-mail Worm
Aurelija, an independent security professional, made a post on the PC1News blog on August 26, 2009 and warns that Worm.Mefir might be an e-mail-borne malware.
Explicating it, Aurelija states that similar to several e-mail-borne malicious programs, Worm.Mefir also infiltrates the user's PC via malevolent e-mail attachments, apparently promising some extremely interesting and useful information, videos or pictures. People, who act inquisitively, download these attachments, but end up getting their systems infected.
After the worm has settled on the user's system, the first thing it does is hunt the system for e-mail IDs to which it would dispatch messages with its own copy. Ordinarily, it means that the worm disseminates via the user's contacts and in this way, the infection cycle repeats again and again.
Interestingly, the worm has got many other names from various security companies. Thus BitDefender calls it Win32.HLLP.Downloader.A, AVG names it Downloader.Generic5.JBO; Kaspersky refers to it as Worm.Win32.Mefir.b while e-Safe names it Win32.Mefir.b. More monikers given are TrojanDownloader:Win32/Agent (Microsoft) and Generic Downloader (McAfee).
The country understood to be worst affected by the malicious worm is the United States, accounting for an overall 72,044 malicious threats from it. Other countries following the USA are China with 58,690 infections, and Japan and India, two rapidly progressing nations in computer software development with 34,172 and 32,384 infections respectively. Brazil contributed 24,444 infections, making it the fifth most attacked country. However, following these five nations of the world are France, Germany, United Kingdom, Italy and Russia.
Aurelija states that cleaning an infected computer manually is a hard job, therefore in case an end-user becomes infected but isn't technically astute, then he must avoid doing the cleaning by his own. Instead, it is recommended that he should download dependable security software online and install it to scan his computer for the worm or any other spyware because it is the most appropriate defense.
The final recommendation, although by no means less important, is that users should conduct careful browsing as well as do not click on e-mails from unknown sources, as it could lead to their systems becoming infected.
» SPAMfighter News - 21-09-2009