Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


PandaLabs Discusses A Trojan and Two Worms in its Weekly Malware Report

In its weekly malware report for June 2007 PandaLabs focuses on the BankFake.F Trojan, the first two variants of MSNHideOptions worm, and the Grogotix.A worm.

The BankFake.F Trojan is highly malicious because it corrupts nine financial entities. This malware spreads via e-mail or infected downloads. It creeps into PCs in the form of two small tortoises icon. The other Trojan examples are designed for phishing that steals users' bank account information. The latest examples are BanKey.A and BankFake.A.

While these two trojans run, they show a fake page on an online bank website. There the users are asked to key in their bank passwords and account numbers. Unsuspecting users who enter their information end up disclosing their data to fraudsters. To prevent any suspicion by the users, the trojans display an error message regretting a temporary error. This of course happens after the user has entered his data.

This action is a social engineering technique. Malware writers use different ways to lure users so that they infect themselves. Therefore users need to be very careful and simply not open messages they receive from unknown entities however tempting or curious they might be, advises Luis Corrons, technical director of PandaLabs. ComputingNews published this in the end week of May 2007.

When the Grogotix.A worm infects a PC, it creates six copies of itself and all stay on the system. Whenever the user reaches a folder the worm creates a copy of itself giving it the same name as the folder in the same directory and the one preceding it. Also whenever the user operates a file with a name as the original one, the worm again creates a copy of itself.

PandaLabs discovered the A and B versions of the MSNHideOptions worm, also in the first week of June 2007. This worm changes the first page of Internet Explorer where it conceals the Desktop icons and the clock from the alert area.

These Trojan viruses are dangerous in the way they can be easily modified to act on various banks, payment agencies, online casinos etc, said Corrons. HelpNetSecurity published Corron's statement in early June 2007.

Related article: PandaLabs Report Discusses Movie Trojan and Other Worms

ยป SPAMfighter News - 6/25/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page