By John E. Dunn
04 May 10
A crafty new P2P worm appears to be spreading quickly among users of a
range of popular file-sharing programs.
So far the countries affected by the worm variant BitDefender calls
Palevo.DP - Romania, Mongolia or Indonesia . suggest that the worm is
being driven by factors specific to those countries. However, the
file-sharing and IM services affected, said to include LimeWire, Ares,
BearShare, iMesh, Shareza, Kazaa, DC++, and eMule, are wirdely used
around the world by a mainly young audience, so the warning for users
outside these countries is clear.
The worm lures victims using a link embedded in a spam IM message, which
leads to what appears to be an image file but is actually the malicious
payload. From that point on, the malware burrows into the host by
installing a number of files that compromise the Windows XP firewall.
By this point the criminals have control over the system and can open
backdoors to install further malware or capture passwords entered using
Internet Explorer or Mozilla Firefox.
Best Selling Security Books and More!
Shop InfoSec News