Virus from China Spreads through Photo Frames
Computer security provider Computer Associates said on February 15, 2008 that an insidiously natured computer virus called Mocmex is recently detected on digital photo frames. The virus, identified as a strong Trojan horse, arrived from China and is essentially designed to steal online games' passwords. Creators of virus could have some big targets in mind as well.
According to the Head of Product Development, CA, Brian Grayek, the people behind the new Trojan have a sound financial backing and their malware captures what they want without leaving any trace, as reported by Sfgate on February 15, 2008.
The Mocmex virus identifies and impedes antivirus solutions from over 100 security vendors. It also blocks firewall and security package of Microsoft Windows. It downloads content from remote sources and therefore, conceals content quite effectively. After that, it randomly changes names of those files on the computer it infects, thus making itself hard to remove.
Mocmex spreads by concealing itself on digital photo frames and passes to other types of detachable storage devices when they are attached to an infected system.
The power of the new Trojan demonstrates the skill of hackers and how focused they are on targeting digital appliances. These devices are providing them a better frontier for capturing information from a large number of unwitting computer owners.
Researchers at CA speculate that Mocmex might be used as an experiment before launching a bigger attack, as it is created to seize private, personal or financial data, although so far, it is only grabbing passwords for Internet games.
According to security vendor Prevx, headquartered in England, the Trojan has been found in the Russian Federation and Singapore as well and has as many as 67,500 variants. There are reports that it has been found in frames came for sale at Costco and Target, says a team of security researchers named SysAdmin Audit Network Security (SANS).
SANS researchers also said that apart from the new Trojan, there is W32.Rajump virus that installs the same malware, which damaged some video iPods of Apple during production in October 2006. The virus collects port numbers and IP addresses from infected computers and sends them to its master.
Related article: Virus Infects Through USB Drives
» SPAMfighter News - 22-02-2008