- 30 Sep
A new multi-component virus gathers steam. Kaspersky Labs, an international data-security software developer, announces the detection of a new Internet worm called Tanatos, which is currently spreading via email and is busy hijacking confidential information from infected...
- 14 Sep
The "Slapper" worm successfully uses the 14-year old technology Kaspersky Labs, an international data-security software-development company, warns about the detection of a new dangerous "Slapper" Internet-worm that infects computers running Linux operating system and uses the source code spreading technology, which was used in the notorious Morris Worm in 1988. Up to date Kaspersky Labs received no user reports about this malicious program to be detected "in-the-wild". However the detailed analysis of the worm confirms its high potential to cause a global virus outbreak and therefore poses a threat to Linux users. To find a victim computer "Slapper" scans computers connected to the Internet and chooses those having Linux operating system and Apache Web-server installed. After detecting such computer the worm creepingly uploads its copy there by exploiting the OpenSSL security breach (buffer overflow). The main distinctive feature of "Slapper" is that the uploaded worm copy is in source code, not already compiled executable package. After the uploading is competed, the worm uses the locally installed C compiler (gcc) to produce an executable copy of the worm and then launches it. Such an original method provides "Slapper" compatibility with all Linux types regardless of the distribution manufacturer and version of the kernel. This method was invented in November 1988 and applied for the first time in notorious Morris Worm that succeeded to infect more than 6000 companies worldwide (including NASA Research Institute) resulting in US$96 million loss. Until this very moment the method of source code spreading has never been used. "It is quite possible that "Slapper" will initiate a new wave of multi-platform malware development, which will be able to infect not only Linux, but Windows, Unix and other operating systems simultaneously. This is obvious because C compilers can be found on every commonly used platform as well as security breaches through which malware will "worm" on victim computers," said Eugene Kaspersky, Head of Anti-Virus Research for Kaspersky Labs. "The worm's other side effect will be the appearance of its numerous clones. To create its modification a person will only need to apply the necessary changes to the source code that will be available everywhere in the Internet. Considering this we already started the development of the applicable add-on to the heuristic technology integrated in Kaspersky Anti-Virus that will allow us to catch even unknown Slapper-style worms," he added. In addition, "Slapper" also poses a threat to the data confidentiality on the infected computers. The worm contains backdoor-features (unauthorized remote administration) that allow a malicious person to perform certain unwanted actions, such as execution of remote commands, data theft, implication in distributed DoS-attack, etc. Protection against "Slapper" already has been added to the daily update of KasperskyT Anti-Virus.
- 10 Sep
A Trojan has been detected, in a commercial product for processing graphic software, that destroys files on the Windows system directory Kaspersky Labs reports the detection of a Trojan horse, FireAnvil, embedded in a commercial product from US company, Firehand Technologies Corporation.
- 05 Sep
September 6 marks detonation day for one of the most widespread Internet worms Kaspersky Labs, an international data-security software developer, warns computer users of the Septemeber 6th activation of the destructive functions wielded by the Internet worm KLEZ.E - one of the most widespread...
- 02 Sep
Kaspersky Labs presents the Virus Top 20 for the month of August. The percentage shown represents the percentage of registered incidences. I-Worm.Klez 76,45 I-Worm.Lentin 21,66 Win95.CIH 0,45 Abba 0,24 I-Worm.Hybris 0,10 Win32.FunLove 0,07 I-Worm.Sircam 0,03 I-Worm.Magistr 0,01 Win95.Tecata 0,01 I-Worm.HappyTime 0,01 Trojan.Win32.Filecoder 0,01 Backdoor.Antilam 0,01 Armageddon 0,01 Backdoor.Arcanum 0,01 Attention 0,01 I-Worm.BadtransII 0,01 Backdoor.Antilam 0,01 Backdoor.Cabrotor 0,01 Backdoor.Death 0,01 Trojan.PSW.Stealth 0,01