Search for:

Articles 

Contact us 

Media 

News 

Events 

Links 

Free Downloads 

 

Virus Report > Back Home

  

 
TREND MICRO WEEKLY VIRUS REPORT:
Friday October 21, 2005  
Issue Preview:

1. Trend Micro Updates - Pattern File & Scan Engine Updates
2. The Rise of the FANBOT Family - WORM_FANBOT.F (Low Risk)
3. Top 10 Most Prevalent Global Malware
4. Webinar: New Techniques & Solutions to Protect Your Business Against Spyware and Spam**
5. Trend Micro's Spyware Prevention Tools

1. Trend Micro Updates - Pattern File & Scan Engine Updates
  • Pattern File : 2.903.00
  • Scan engine : 7.510

    2. The Rise of the FANBOT Family - WORM_FANBOT.F (Low Risk)
    Over the past five days, we have seen six variants of FANBOT, a new family of worms. Although none have progressed very far, researchers at Trend Micro are paying particular attention to this new threat because of the potential these early variants have shown to propagate and successfully exploit a serious vulnerability that can be utilized to grant a malicious user complete access to the user's system. Such access can be used to launch malicious attacks, install rogue software, and steal personal information. Future variants may also have the ability to spread rapidly and include additional functionality.

    The FANBOT family utilizes the base code of the MYTOB family, in addition to added functionality that exploits the MS05-039 ("Plug-and-Play") vulnerability announced in August. The author has also added the capability for this worm to propagate via P2P or file-sharing networks, in addition to more traditional email spam methods. This family also incorporates the use of the following mock error message, when the user clicks on the file attachment:

    Error
    The file could not be opened!

    Launching the attached file actually executes the worm, but the message box disguises this fact by creating the illusion that the email was in fact legitimate.

    The FANBOT family of worms does not appear to be developed by any of the MYTOB groups, but likely is the creation of a different individual. In fact, Trend Micro believes there may be a new underground war starting, evidenced by the statement made in some of the FANBOT variants that the MYTOB author "is an idiot!!!".

    Security experts at Trend Micro recommend that users take the following measures to protect against the FANBOT family of malware as well as other attacks:

    -Ensure your system is patched with the most current Microsoft system update.

    -Ensure your antivirus definitions are updated.

    -Trend Micro offers HouseCall, a free virus scanning service, available at http://trendnewsletter.rsc03.net/servlet/cc5?lgLQBCRQTVrjxpuipjLuLKpHQJhuV2VSD

    Existing Trend Micro customers can also utilize the network virus wall and vulnerability assessment modules*, which are built into most of our products, to help keep their system updated.

    * The Network Viruswall (NVW) pattern stops this worm from spreading throughout the network and infecting other machines. A network that is protected by the NVW pattern is assured that any presence of the code at the network layer is immediately filtered out before it causes any damage. The Vulnerability Assessment (VA) pattern detects all machines in the network that have not been patched against the vulnerability exploited by these worms. This enables system administrators to be notified immediately of machines that require protection and to take necessary actions to assure that damage is not magnified on a network-wide scale.

    If you would like to scan your computer for WORM_FANBOT.F, or thousands of other worms, viruses, Trojans and malicious code, visit HouseCall, Trend Micro's free, online virus scanner at: http://housecall.trendmicro.com

    For additional information about WORM_FANBOT.F please visit:
    http://trendnewsletter.rsc03.net/servlet/cc5?lgLQBCRQTVrjxpuipjLuLKpHQJhuV2VW

    3. Top 10 Most Prevelant Global Malware
    (from October 14 to October 20, 2005)
    1. JAVA_BYTEVER.A
    2. SPYW_DASHBAR.300 
    3. HTML_NETSKY.P 
    4. WORM_NETSKY.P
    5. SPYW_GATOR.F 
    6. PE_PARITE.A 
    7. TSPY_SMALL.SN 
    8. ADW_LOP.A 
    9. TROJ_DYFUCA.I 
    10. ADW_ISTBAR.K 
    4. Webinar: New Techniques & Solutions to Protect Your Business Against Spyware and Spam**

    Spyware and spam threaten everyone, but businesses with more than 100 employees require security strategies and solutions that are far more complex than those available to consumers and small businesses.

    Trend Micro invites you to a free, 60-minute webinar on November 2 at 11:00am PST to share the results of the most recent research on these threats, as well as the newest and most effective enterprise-level anti-spyware and anti-spam solutions available. In this webinar John Maddison, Trend Micro's Senior Director for Network Security Services, will discuss:

    -Trend Micro's new reputation services--the first line of defense against spam, phishing attacks, and other emerging threats

    -Why traditional anti-spam scanners are losing effectiveness, and how IP Reputation Services are both filling the gap and presenting new solutions with fewer false-positives

    -Trend Micro's latest host-based solution to move you towards a multi-layered anti- spyware security solution

    -New, easy-to-manage, enterprise class anti-spyware products that increase your productivity, reduce help desk calls and prevent browser hijacking

    To register, visit:
    http://trendnewsletter.rsc03.net/servlet/cc5?lgLQBCRQTVrjxpuipjLuLKpHQJhuV2VTR

    **For residents of the U.S. & Canada only

    5. Trend Micro's Spyware Prevention Tools

    Education is the best tool to defend yourself against spyware. Watch Trend Micro's Spyware demo to learn more. Use Trend Micro's free, online spyware scanner to scan and clean your computer.

    -View the spyware demo

    -Free, online spyware scanner  

    		•
    < Back

    © IMPIRE Communications, LLC All Rights Reserved.  Website designed & managed by Oculus Networks