More Malware Families exploits LNK Vulnerability

Antivirus firms are alerting that the virus writers are gradually using the exploit targeting the recently detected un-patched Windows LNK vulnerability in their new innovations. As per the security experts at firm "F-Secure", it is a disturbing fact that, till now, four new malware families like Chymine, Vobfus, Sality and Zeus, are trying to target the vulnerability.

It is noticed by the security researchers at F-Secure, that, Chymine is a new Keylogger. It adopts the LNK vulnerability to infect, however it does not develop more .LNK files to distribute. It has been named by the firm as, Trojan-Downloader:W32/Chymine.A.

The experts further describes Vobfus as a family of obfuscated worms, which was first detected in the year 2009 and it uses shortcut files as a social engineering method from the beginning, however it constantly required to be run by the users.

The third malware "Sality" is reported to be a complex, famous polymorphic computer virus. It harms the local executable files, deletes files linked with installed security-related software containing many anti-virus and firewalls. Next, it runs a keylogging technique, which accumulates system and network information stored in particular files and lastly distributes all the data to an already decided email address.

At last, there is Zeus, also known as Zbot, an information hacking computer Trojans, generally adopted by cybercriminals and fraudsters to withdraw money from their targets' hacked accounts. Zeus is normally distributed through spam emails and this new variety is also similar in that way.

It has been noticed by the "F-Secure" experts that Zeus is a difficult malware to fight, and this variant has not been detected by many vendors till now. Thankfully, the used exploit has been found by many and everything depends on social engineering and the victims opening a password restricted zip file and copying the lol.dll to the root of the C: as the path should be known (for the exploit to start working). "F-Secure's" security experts stated that they are not expecting major success for this Zeus variant, as reported by softpedia.com, on 27th July, 2010.

Related article: More Requests For Better E-Mail and Spam Control

» SPAMfighter News - 09-08-2010

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial