New Data-stealing Nuwar Worm Found Active

According to a study by Panda ActiveScan online anti-malware system, a new variant of the Nuwar thieving worm is found to increase rapidly. The malware is also referred to as Storm worm.

PandaLabs' data reveals that while trojans accounted for 24.41% of all infections and worms caused 15.01% of them as apart from trojans being used for stealing user information, worms are also being increasingly used for the same purpose.

The figures above can be compared to that of 2007 when worm-driven attacks accounted for nearly 10% of all infections. This has been because of the more active Nuwar kind of worms, as suggested by PandaLabs' malware detection and analysis laboratory.

Further, according to PandaLabs, worms (computer) can proliferate rapidly and by its own. But as different from those responsible for epidemics, these worms don't try to damage computers or crash data traffic. Instead, they aim to grab confidential user data to help in online fraud crimes.

The worms usually come through socially engineered messages on current events. They also contain links leading to Web pages where other malware is automatically installed to steal data, or hoax pages like those in phishing schemes says PandaLabs.

One such worm, Nuwar.OL enters computers via e-mail. The e-mail contains a link pointing to a site where the malicious program is downloaded. Once the computer is infected with the worm, it distributes e-mails to all the contacts on the infected computer, thereby spreading quickly. As a result, this increases the network load that lowers the computer's speed.

The Nuwar.OL is technologically twisted through the involvement of search results on Google that help in evading security. So instead of e-mailing users a link channeled to a Trojan-hosting site, the botnet-creating malware simply adds the normal code for Google search results before the URL address. This helps to get past security filters.

According to Technical Director Luis Corrons for PandaLabs, the Nuwar.OL worm is very dangerous. Although its impact is more visible compared to trojans and is easy to neutralize, yet, the worm can launch indiscriminate attacks to quickly collect huge amounts of personal data, he said, as reported by CXOToday on February 5, 2008.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 15-02-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial