Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

More Malware Families exploits LNK Vulnerability

Antivirus firms are alerting that the virus writers are gradually using the exploit targeting the recently detected un-patched Windows LNK vulnerability in their new innovations. As per the security experts at firm "F-Secure", it is a disturbing fact that, till now, four new malware families like Chymine, Vobfus, Sality and Zeus, are trying to target the vulnerability.

It is noticed by the security researchers at F-Secure, that, Chymine is a new Keylogger. It adopts the LNK vulnerability to infect, however it does not develop more .LNK files to distribute. It has been named by the firm as, Trojan-Downloader:W32/Chymine.A.

The experts further describes Vobfus as a family of obfuscated worms, which was first detected in the year 2009 and it uses shortcut files as a social engineering method from the beginning, however it constantly required to be run by the users.

The third malware "Sality" is reported to be a complex, famous polymorphic computer virus. It harms the local executable files, deletes files linked with installed security-related software containing many anti-virus and firewalls. Next, it runs a keylogging technique, which accumulates system and network information stored in particular files and lastly distributes all the data to an already decided email address.

At last, there is Zeus, also known as Zbot, an information hacking computer Trojans, generally adopted by cybercriminals and fraudsters to withdraw money from their targets' hacked accounts. Zeus is normally distributed through spam emails and this new variety is also similar in that way.

It has been noticed by the "F-Secure" experts that Zeus is a difficult malware to fight, and this variant has not been detected by many vendors till now. Thankfully, the used exploit has been found by many and everything depends on social engineering and the victims opening a password restricted zip file and copying the lol.dll to the root of the C: as the path should be known (for the exploit to start working). "F-Secure's" security experts stated that they are not expecting major success for this Zeus variant, as reported by softpedia.com, on 27th July, 2010.

Related article: More Requests For Better E-Mail and Spam Control

ยป SPAMfighter News - 8/9/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next