Latest News

Virus Alerts from Viruslist.com

• Net-Worm.Win32.Kido Kaspersky Lab has detected that multiple variants of Kido, a polymorphic worm, are currently spreading widely.
• Virus.Win32.Gpcode.ak Kaspersky Lab has detected a new version of the ‘malicious blackmailer’ Gpcode - Virus.Win32.Gpcode.ak.
• Email-Worm.Win32.Warezov.nf Kaspersky Lab has detected mass mailings of a new variant of Warezov, Email-Worm.Win32.Warezov.nf.
• Email-Worm.Win32.Warezov.mx New Warezov variant mass mailed
• Email-Worm.Win32.Warezov.ms A new variant of Warezov has been mass mailed, and is spreading rapidly
• Email-Worm.Win32.Zhelatin Multiple variants spreading
• Email-Worm.Win32.Zhelatin.u New variant of Zhelatin spreading rapidly
• Email-Worm.Win32.Zhelatin.r Sharp increase in the volume of Email-Worm.Win32.Zhelatin.r
• Email-Worm.Win32.Zhelatin.o Kaspersky Lab has detected a mass mailing of Email-Worm.Win32.Zhelatin.o, which is spreading as an attachment to infected emails.
• Email-Worm.Win32.Warezov Multiple new variants spreading

Latest Virus Descriptions from Viruslist.com

• Trojan-Dropper.Win32.Agent.albv This Trojan has a malicious payload. It is a Windows PE EXE file. It is 23552 bytes in size. Installation The Trojan copies its executable file as follows: %WinDir%\system\svhost.exe In order to ensure that the Trojan is launched automatically when the system is rebooted, the Trojan adds a link...
• Backdoor.Win32.Agent.abgg This Trojan provides a remote malicious user with access to the victim machine. It is a Windows PE EXE file. It is 22528 bytes in size. Installation Once launched, the Trojan copies its body to the Windows system directory as "digeste.dll": %System%\digeste.dll In order to ensure that the Trojan...
• Trojan-Dropper.Win32.Kido.a This Trojan is designed to install and launch other programs on the victim machine without the knowledge or consent of the user. It is a Windows PE EXE file. It is 78848 bytes in size. It is written in C++.
• Trojan-Downloader.Win32.Kido.a This malicious program is a Windows DLL file. Installation The malware copies its executable file with random names to the following directories: %Program Files%\Internet Explorer\<rnd>.dll %Program Files%\Windows Media Player\<rnd>.dll %Program Files%\WindowsNT\<rnd>.dll %Program...
• Email-Worm.Win32.Merond.a This worm spreads as an attachment to infected emails and also via file-sharing networks and removable media. The worm itself is a Windows PE EXE file. The worm’s executable file can vary between 150KB to 400KB in size. Installation The worm copies its executable file to the Windows system...
• Trojan.Win32.Agent.azsy This malicious program is a Trojan. It is a Windows PE EXE file. It is 417792 bytes in size. It is packed using UPX. The unpacked file is approximately 439KB in size. It is written in C++. Installation Once launched, the Trojan copies its body to the current user’s Windows startup...
• Trojan.Win32.Agent2.dtb This Trojan calls premium rate numbers without the knowledge or consent of the user. It is a Windows PE EXE file. It is 25131 bytes in size. It is written in Delphi.
• Trojan-Downloader.Win32.Small.ydh This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user’s knowledge or consent. It is a Windows PE EXE file. It is 34816 bytes in size. It is not packed in any way. It is written in C++. Installation Once launched, the Trojan...
• Trojan-Downloader.Win32.Agent.ahoe This Trojan downloads another malicious program via the Internet and launches it on the victim machine without the user’s knowledge or consent. It is a Windows PE EXE file. It is 9216 bytes in size. It is packed using UPX. The unpacked file is approximately 38KB in size. It is written in...
• Trojan-Downloader.JS.Agent.crh This Trojan downloads other files via the Internet and launches them for execution on the victim machine. The program is an HTML page which contains Java Script scenarios. It is 1070 bytes in size.

Latest Virus Descriptions from f-prot.com

• Warezov.AKD This virus was discovered on: 30 Aug 2007
• Downloader.AYEV This virus was discovered on: 21 Jan 2007
• Mitglieder.UZ This virus was discovered on: 12 Dec 2006
• Quickspace.A This virus was discovered on: 7 Dec 2006
• Downloader.ANCJ This virus was discovered on: 14 Nov 2006

Virus Weblog Viruslist.com

• Curiosity killed the cat If you’re reading this, you’re probably not a cat, so curiosity won’t kill you. But it can result in someone getting hold of your confidential data.
• Tweet’n’earn We love social networking sites, and phishers are no exception
• The truth about Michael Jackson Not surprisingly, the death of Michael Jackson whipped up a frenzy of activity, with every new "fact" and comment from fans and the media adding to the storm of rumour
• URL shortening service compromised As pointed out by Stefan short URLs create big problems. How big those problems can get has been made very clear in an attack suffered by cli.gs. They claim to be the 4th most used shortening service on Twitter.
• Firefox updating message misleads users Over the course of last weekend I was busy setting up some new systems. During that process I came across an old virtual machine that I decided to fire up.
• Short URLs, big problems Short URL services are becoming increasingly popular among social networks, especially on Twitter. When you have to limit your message to just 140 characters, every character becomes important, and posting links to searches on Google or news websites can rapidly fill an entire Twitter message. Of...
• The Twitter worm that isn't On Saturday an alert went out about a new Twitter worm. Could this have been another XSS-Worm? Upon clicking the link users would see the following: [insert pica lucky] However that's not all that happens. Covertly a connection is made to another server that will result in a malicious PDF...
• AMTSO documents revisited The other week I blogged [http://www.viruslist.com/en/weblog?weblogid=208187722] about the newly accepted AMTSO documents. In three quick blog posts I'll go through all the documents individually in some more detail and why they are important. The first document we're going to have a look at is...
• German spammers hooked on Christmas It’s already May and almost half a year since Christmas. There’s more than six months until next Christmas
• Live from Interop Las Vegas I'm at the Interop Las Vegas show which is again taking place in the Mandalay Bay convention center. This is my first time in Vegas and I'm finding it quite the experience. Yesterday I talked about the dangers of social networks and the bigger issue of implicit trust around it. Today I'll be...