Dan Murphy
From my anti-virus provider, www.pandasoftware.com............
Just an FYI.
December 23 2005 - This week's report looks at two Trojans -MerryX.A and Mitglieder.GO-, and two worms -Dasher.A and Dasher.B-.
MerryX.A is a Trojan sent in an email with the following characteristics relating to Christmas:
Subject: MERRY CHRISTMAS!
Message text: Merry Christmas and a Happy New Year!
Attachments: A_LIGHTSMC10.GIF, a picture of colored lights with the words "Merry Christmas"; and MERRY CHRISTMAS!.RAR, a self-extractable file containing two other files: SQLServer.exe, a copy of the Trojan, and MERRY CHRISTMAS!.SWF, a Flash animation showing Father Christmas leaving presents by a tree.
MerryX.A takes a series of actions on the computers it infects, including:
- It logs the keystrokes typed by the user. This can be used to capture passwords or other kinds of sensitive information, thus posing a threat to the user's privacy. Then, it connects to a remote server, to which it sends the information gathered.
- It attempts to download files from different websites. These can be any type of file, including malware.
The second Trojan we're looking at today is Mitglieder.GO, which has been sent massively via email by the Bagle.FX worm, in a message containing a ZIP file.
Mitglieder.GO is a Trojan that connects every four hours to a random URL selected from a list of websites included in its code in order to download and run a file. This file can be of any nature, including malware. When it is run this Trojan displays a Windows image.
We end today's report with Dasher.A and Dasher.B, two worms that spread across the Internet. They spread in a self-extractable RAR file that contains and installs other files that open port 1025. These files search for IP addresses of computers with Windows 2003/XP/2000 affected by the critical vulnerabilities reported by Microsoft in bulletin MS05-051. The self-extractable RAR file is installed on vulnerable computers in which Dasher.A and Dasher.B manage to exploit these security problems.
If your computer has Windows 2003/XP/2000, it is advisable to download and install the updates that resolve these vulnerabilities. More information is available in Microsoft bulletin MS05-051.
More information about these and other threats is available from Panda Software's Encyclopedia at:
http://www.pandasoftware.com/virus_info/encyclopedia/
NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.
Just an FYI.
YIKES!
I have gotten two emails from persons, with a first AND last name listed as the sender, with MERRY CHRISTMAS in the subject line. I deleted them without opening them but I am very disappointed to now learn that they were probably viruses!
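As an added example (not part of the thread or of Panda's report), here is a mail-triage check built from the MerryX.A message characteristics quoted above. It treats the subject line alone as a weak signal, since it is also an ordinary greeting, and quarantines only when the named archive is attached. The function names, verdict labels and sample messages are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators as listed in the MerryX.A description quoted in this thread.
SUBJECT = "merry christmas!"
ATTACHMENTS = {"a_lightsmc10.gif", "merry christmas!.rar"}
ARCHIVE = "merry christmas!.rar"  # the self-extracting file carrying the Trojan


def indicators(raw):
    """Return the MerryX.A indicators present in one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    if str(msg.get("Subject", "")).strip().casefold() == SUBJECT:
        hits.append("subject")
    for part in msg.walk():
        # get_filename() decodes quoted and RFC 2231 filename parameters
        name = (part.get_filename() or "").strip().casefold()
        if name in ATTACHMENTS:
            hits.append("attachment:" + name)
    return hits


def verdict(raw):
    """quarantine: the archive is attached; review: weaker match; pass: none."""
    hits = indicators(raw)
    if "attachment:" + ARCHIVE in hits:
        return "quarantine"
    return "review" if hits else "pass"


def sample(subject, filenames):
    """Build a constructed test message; attachment bodies are placeholder bytes."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = subject
    msg.set_content("Merry Christmas and a Happy New Year!")
    for fn in filenames:
        msg.add_attachment(b"constructed placeholder", maintype="application",
                           subtype="octet-stream", filename=fn)
    return msg.as_bytes()


if __name__ == "__main__":
    for subj, files in [("MERRY CHRISTMAS!", ["A_LIGHTSMC10.GIF", "MERRY CHRISTMAS!.RAR"]),
                        ("Merry Christmas!", []),
                        ("Meeting notes", ["notes.txt"])]:
        raw = sample(subj, files)
        print(subj, files, "->", verdict(raw), indicators(raw))
```

Matching is case-insensitive and exact on the names from the report, so a renamed attachment would not be caught; it complements an up-to-date anti-virus scan rather than replacing it.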