LinkBack URL
About LinkBacks
New Viruses for your PC
Here are a few new viruses to watch out for.
1.JokR.A is a script worm which leaves a visible indication of infection for users to see. In order to spread, this malware copies itself under the name Th3_jOkEr.vbs together with the autorun.inf file (hidden) to all drives and the Windows folder. This way, it runs whenever users access these drives. It also copies itself to removable drives to increase its chances of propagation. This malware makes a series of entries in the registry, to ensure it runs on every system start-up, displaying the following warning: "Thanks for your participation", "My virus is now on your computer, so thank you for your the particiation with your friends!)". It also inserts the following text in the Internet Explorer header: "Hacked By Yassine [Th3_jOkEr] ...:::... F@#* You ...:::..."
2. Here is a Trojan and a virus associated to an email with the subject Convocatoria en la Audiencia (Summons to the Central Criminal Court). This message has an attached file which looks like a pdf file, but in reality it has the "scr" extension. On opening the file which supposedly contains the summons, users are taken to the official website of the Spanish National Police, while another connection is made to a page from where it downloads and installs the Banker.LYI Trojan and the Induc.A virus.
Banker.LYI is a banker Trojan that targets a specific Spanish bank. This Trojan steals the bank details entered by users, and uses the Outlook address book to redistribute the same message among all the infected user's contacts.
Induc.A is a virus written in Delphi. The first thing the virus does is search for versions of the Borland Delphi compiler (4,5,6 or 7) installed on the computer. If it finds a version, the virus inserts a code to infect all the files compiled with these versions.
Just a quick FYI for everyone.
Ed
Reply With Quote
