Facebook and MySpace’s worm

PandaLabs has recently detected a new variant of the Boface family that affects the social networks Facebook and MySpace. In this case, the worm sends all of the user's friends a message that contains a link to a supposed YouTube video. In order to view the video, the user is required to download a Flash Player update. However, the downloaded file is not an update but a copy of the worm. This shows that cyber-crooks are still interested in using social networks to distribute their creations. In fact, Facebook and MySpace, with millions of registered users, have become a profitable target for them. Panda Security's users are already protected against this worm, Boface.G, and Facebook has started taking measures to solve this problem. You can check it here.


original article

Posted under Malware Alerts

This post was written by Ted on November 10, 2008

Barack Obama’s Spam & Malware Campaign

Shortly after the results of the US presidential elections became known, cyber-crooks began using this topic to distribute malware in spam messages. One of these malicious emails appears to have been sent by an online newspaper from Peru. Its content is in Spanish; it talks about the results of the US elections and invites users to view a video addressed to the Latin community. The video is actually the file "BarackObama.exe", which has been detected as Banker.LLN. This malicious code modifies the HOSTS file of the infected computer, redirecting HTTP connections to some websites belonging to one of the biggest banking entities in Peru to the local IP address 127.0.0.1, where a fake page of the bank is displayed in order to obtain the user's access data.

Another example of this kind of spam is the one informing that Barack has become the 44th US president and the first Afro-American president. This email contains a link to a fake website that seems to have the America.gov domain. Besides the mentioned piece of news, the page offers a video, but an Adobe Flash update (adobe_flash9.exe) is required to view it. However, this file is not an update but the malicious code. This malware consists of W32/Asniffer.F.worm and a rootkit, detected as Rootkit/Asniffer.G, that hides the worm component. It is designed to capture network traffic and harvest information related to FTP, ICQ, POP3, IMAP connections, etc.

We recommend that you be cautious when accessing the links included in these types of emails because, besides being unwanted emails, they can compromise your privacy.


original article

Posted under Malware Alerts

This post was written by Ted on November 6, 2008

New critical Security Bulletin MS08-067

Yesterday Microsoft published an extraordinary security bulletin called MS08-067. This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution, and it is exploited by sending a specially crafted RPC request (like Sasser, Blaster) to a vulnerable system. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems (even Windows 7 Pre-Beta), an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. This vulnerability is rated as critical for Windows 2000, Windows XP and Windows Server 2003, and as important for Windows Vista and Windows Server 2008.

We have already seen the first Trojan that has been sent out using this vulnerability; we detect it as Trj/Gimmiv.A. The Trojan itself is not using the vulnerability to spread, but someone is infecting systems with it using the vulnerability. We strongly recommend that you update your system as soon as possible.


original article

Posted under Malware Alerts

This post was written by Ted on October 24, 2008
