Spamta Variants- Still Causing Headaches
Latest types of Spamta worms are being found by Panda Labs. Actually, 67 recent variations of this malevolent code have been detected in the last week of September, taking the number of distributed Spamta variations to nearly hundred. Help Net Security reported on October 5, 2006 that Spamta.Go is the recently detected version.
Each Spamta edition is identical, with the mere dissimilarities being the email contents they employ to lure, the bulk files that includes the malevolent codes, or the data files transferred to the machines. The flashed messages can also differ during processing.
For example, Spamta.CY accesses computers via email contents with different topics chosen indiscriminately from a number of alternatives. The content includes an admonition to end users that electronic messages are being dispatched from their computers because it is affected with a malevolent program.
This correspondence contains a file with indiscriminately selected name, such as doc.dat.exe, test.elm.exe, or body.zip that, in reality, has Spamta.CY. The worm accesses Windows Notepad and exhibits a string of meaningless inscriptions when the program is executed. Simultaneously, it searches for access codes stored on the computer to establish a link with a mail server and sends itself to stolen email addresses through its SMTP engines.
An earlier version, Spamta.X, is a malevolent code that transmits e-mails with topics such as: Mail transaction failure, Error, Mail Delivery System or Good Day.
The worm is concealed in an attachment along with the e-mails. This attachment has varying names and two filename extensions that are selected haphazardly from a number of alternatives. It also displays the typical icon of .txt files.
"It is a plan that began to get popularity at the start of 2005, with a variety of malevolent programs like Bropia. Hackers are actually trying to take benefit of limitations of conventional anti-virus wares. These wares can only discover earlier detected worms, and thus, have to be revised frequently. Consequently, a susceptibility window appears amid the two revisions, whence another worm can effortlessly affect a machine," informs the MD of Panda Software SA, Jeremy Matthews.
Related article: SpamThru Trojan & Warezov Virus Spike Spam Levels
» SPAMfighter News - 12-10-2006
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!