Bird Flu Inspires PC Virus

Discussion in 'Technical' started by Quigley_Sharps, Oct 30, 2005.

  1. Quigley_Sharps

    Quigley_Sharps The Badministrator Administrator Founding Member

    Virus writers, forever in search of opportunities to distribute their malicious code, are exploiting interest in the avian flu by circulating an e-mail with an attachment that contains information about the bird flu epidemic--and a Trojan horse tucked inside.

    The Naiva.A Trojan horse masquerades as a Word document with subject lines such as "Outbreak in North America" and "What is avian influenza (bird flu)?"

    "Using the bird flu is a very clever way of drawing attention and enticing those PC users less knowledgeable or concerned about security to open the attachment," said Jeanine Rother, a virus researcher at the German subsidiary of Panda Software, which is based in Spain. "Although users are constantly being told not to open attachments from unknown sources, some are likely to ignore these warnings because of their interest in the epidemic and potential threat to their own lives."

    Rother was unable to say how many computers have been so far infected with the Trojan horse, which the company detected in its virus lab.

    Panda Software has given the malware a low-risk rating in its posted security update.

    How it Works

    The Trojan horse uses two Word macros to run and install a second threat on the computer. The first macro enables the Trojan horse to modify, create, and delete files. The second macro installs Ranky.FY on computers. Ranky.FY allows hackers to gain remote control of infected computers.

    Panda Software urges users to set their macro security level at medium to receive a warning when a macro is run, or on high to stop macros from running altogether.

    The Naiva-A Trojan comes on the heels of numerous spam e-mail distributions that promote the sale of Tamiflu, the drug believed to be most effective at protecting humans for the H5N1 strain of the bird flu virus.
  2. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Can any VIrus be 'pushed' via email without us opening an attachment?
survivalmonkey SSL seal warrant canary