Go Back   Webmaster Forums UK SEO SEM Webmaster Community Forum - UKWW > Business Discussions > Computer and Software Forum
Virus Alert -Gaobot.IUF and Prex.AM- Virus Alert -Gaobot.IUF and Prex.AM-
Register FAQ Members List Downloads Calendar Today's Posts Webmaster Resources Webmaster Blogs
 
 

Computer and Software Forum computer software forums, operating systems including Linux, Windows, FreeBSD, MAC, Linux, Unix, office applications, MS Office, Open Office, Word Perfect etc.
Sub Forums :: Microsoft and Windows Related

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 07-08-2005, 01:01 PM
ovi
Guest
  
Posts: n/a
Exclamation Virus Alert -Gaobot.IUF and Prex.AM-
MADRID, July 8, 2005 - This week's report looks at two worms -Gaobot.IUF and Prex.AM-, a vulnerability in JAVAPRXY.DLL, a keylogger called Application/KeySpy, a program called Application/GoldenKeyLog, and the Banker.XP Trojan.

Prex.AM spreads through the MSN Messenger instant messaging application.
Gaobot.IUF can spread through a range of channels including shared network resources protected with weak passwords.

One notable feature of Gaobot.IUF and Prex.AM is that they spread together using a single RAR file. If the file is run, it is decompressed automatically and generates two files containing the worms which from then on, take a series of actions including the following:

- Gaobot.IUF creates a backdoor and connects to an IRC server, where it waits for commands (to gather information about system hardware, to steal registration codes for certain games, etc.) from a remote attacker.

- Prex.AM sends, using MSN Messenger, messages with the text: "hmm like my friend said dont look ahaha, SICK pictures", and a link to an Internet address. If the user clicks on this link, the file containing both malicious codes is downloaded onto the computer.

The security problem that we are looking at today -and which Microsoft has reported in the SecAdv903144 security bulletin- affects the JAVAPRXY.DLL file, a component of Internet Explorer in computers with Windows 2003/XP/2000/Me/98. Versions 5.01, 5.5 and 6 are affected.

This vulnerability, which can be exploited through a specially-crafted web page, could allow an attacker to take control of the affected computer with the same permissions (to create, edit or delete files, install programs, etc.) as the user that started the session. For this reason, users of computers affected by this problem are advised to install the update released by Microsoft.

We continue this report with Application/KeySpy, which logs all keystrokes made on the affected computer from the Windows startup to the close of the session, including passwords for protected programs or entered on web pages. In addition, an icon is displayed on the desktop, which if opened will display a window with all of the keystrokes logged.

Application/GoldenKeyLog is a program that monitors keyboard activity when the computer is started up. It also displays a screen when it is installed on a computer and modifies the Windows registry to create an entry in "Settings-Add or remove programs".

Source: Panda
Digg this Post!Add Post to del.icio.usStumble this Post!Wong this Post!
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Webmaster Resources
UK WW SEO Tools
Find UK Hosts
 
The Forum Rules
Forum Rules - MUST READ
 
Site Of the Month
BizzFace
Nominate site of the month
 
Tag Cloud
43. wholesale adsense ready affiliate scam amazon apple iphone 16gb apple iphone 16gb 3g articles australia web hosting cash casino cheap clothes communications content custard media database dgital camerals directory domain name english teacher fantasy football fantasy football league football league free handbags home income instant jewelry link bid link directory links money money making online music news nokia n96 16gb online online shop poker professor replica sam allcock seo social networking sony vaio laptop sunglasses technology themes tutor verbalized wallet wallets wanted web web hosting webhosting website widget ready wordpress xmas offer

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Newbie alert deebee New Members Introduction 12 06-03-2007 04:47 AM
Virus Alert temi General Webmaster Talk 3 04-14-2007 04:35 PM
Trend Micro Medium Risk Virus Alert - WORM_BAGLE.BE ovi Computer and Software Forum 0 03-02-2005 02:09 PM
Fraud alert in UK temi In The News 0 11-29-2004 11:21 PM


All times are GMT. The time now is 09:02 AM.

UK Webmaster World Forums - Internet marketing, web development, domain names, SEO contest and discussuons.
Subscribe to our feeds   Subscribe to our feeds
UK Webmaster forums offer discussions on webmaster related issues including web hosting, domain names, search engine marketing and white hat SEO tactics for Google, Yahoo, MSN and other search engines and directories - Contact Us - Archive - Top - Advertise on UK SEO Forums - Sitemap

Powered by vBulletin® Version 3.7.0
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152