Main Remote Support Services Preferred Provider Network Online Backup Security Virus Information
Contact Us Prices Blog Pay Invoice Testimonials
Weekly Report on Viruses and Intruders
, August 10, 2007 - Shark 2, a Trojan creation tool, is the main subject Madrid
of this weeks PandaLabs report, which also covers Addon.B and MSNPoopy.A, two
worms that use MSN Messenger to spread.
Shark 2 is distributed for free in various Internet forums and is very easy to
use, which makes it particularly dangerous. The Trojans created with this
builder could steal all kinds of confidential data from users computers if they
are not well protected.
These Trojans pose a threat to users privacy as cyber-crooks could activate
the victims webcam, if they have one, and watch what they are doing, explains
Luis Corrons, Technical Director of PandaLabs.
Shark 2 allows criminals to specify the server the Trojan must connect to, and
set the Trojan to run on every system restart, show error messages or run other
files. Also, the tool allows malicious users to perform specific actions for
processes and services, such as stop certain services, shut down or delete the
user server, etc.
Once it has infected a computer, the Trojan created by Shark 2 connects to the
server the hacker has chosen and displays a screen that allows them to take
various actions, including commanding the malware to steal all kinds of
passwords (for instant messaging services, email, banking services, etc.).
The cyber-criminal can also run a large number of utilities on the infected
computer, for example, to modify the registry or edit the host file. By doing
this, they could redirect users to phishing or infected pages.
Trojans created with this tool can also take screenshots, capture audio and log
Malware creators can use this tool to build Trojans capable of attacking users
on several fronts, but always with the same goal: get information that they can
easily turn into some kind of financial gain, states Corrons.
The first worm covered in todays report is Addon.B, a malware specimen that
sends a .zip file called Foto_celular by MSN Messenger. If the user opens it and
runs the file inside, they will be installing a copy of the worm on their
Addon.B copies itself to all drives under the name Foto_celular.scr. Once run,
this file downloads the second component of the worm, sexy.wm. This malware, in
turn, connects to two web pages waiting for commands ranging from downloading
other malicious codes onto the infected computer to updating itself.
MSNPoopy.A uses similar techniques to Addon.B to spread through MSN Messenger.
In this case, it uses sentences like look @ my cute new puppy :-D or
look @ this picture of me, when I was a kid to entice users into opening the
attached file, which has names such as img1756 and is compressed in .zip format.
If the targeted user opens it and runs the file inside, they will become
infected. Also, all the users in the victims Address Book will receive the
message the worm sends, with the possibility of becoming infected.
MSNPoopy.A edits the Windows Registry to ensure it is run every time the system
is started up. It also tries to connect to other instant messaging channels to
send out information or continue spreading.
It shouldnt surprise anyone that cyber-crooks are increasingly using instant
messaging to distribute their creations. These are services used by millions of
people every day, so they make a very easy and quick way of infecting a huge
number of users, explains Corrons.
More information about these and other malicious codes at Panda Securitys
All users that want to know whether their computers have been attacked by these
or other malicious code can use ActiveScan, the free solution available at:
http://www.pandasoftware.es/activescan. It will carry out a complete inspection
of the computer should there be any hints of infection.
Download free evaluation software Platinum 2006 Internet Security
FREE SYSTEM ANALYSIS!
For Microsoft Windows® Desktops and Notebooks
Run the MA4 Computer Services System Analyzer by Webroot for a report on your computer's specific software security and capacity performance. Find out if your computer has:
Run System Analyzer
Protecting Yourself from Viruses
15 Tips to Stay Virus Free
Users who know how to avoid Viruses & Crimeware are a critical layer of network protection. Train your staff with this FREE, easy-to-use, multimedia presentation.
and helps you to improve the level of
15 Tips for Keeping Virus Free (flash)
Download free evaluation software Platinum 2006 Internet Security
General Tips About Viruses
Get an anti-virus protection for your computer. Update it frequently and set
the options to scan e-mail as well as other files.
Don't open any attachment if you are not expecting it, even if they are from
people you know, unless you are certain that it's a legitimate file. If
you're not certain, ask them to confirm that they sent you an attachment.
Even then, there is a chance that the file could be infected.
Backup your data often (and keep a backup copy in a different location in
case of fire.)
Only download software from reputable sources.
New viruses appear every day. For information on some of the most recent
viruses, worms, and Trojan Horses, visit the Symantec and McAfee web sites.
* The Symantec AntiVirus Research Center Online Virus and Hoax
Encyclopedia is located at: http://securityresponse.symantec.com/ OR
* The McAfee Virus Information Library is located at: http://us.mcafee.com/virusInfo/default.asp/
Worried About Viruses?
Get Real Time Virus Protection and save $5 on McAfee Security VirusScan Software.
HERE ARE JUST SOME OF THE ON-SITE SERVICES TECHNICIANS CAN PERFORM:
Phone Number: (510) 604-3811 / (925) 516-4054
Support Email: email@example.com
On-Site Computer Support
OVER TWELVE YEARS OF EXPERIENCE
1155-C Arnold Drive. #217
Martinez, CA 94553-4108
Fax Number: 925.372.6507
We gladly accept
Sharon from Pleasant Hill, CA: Matsie was great and explained everything to me in terms I could understand.
Chris Siemens Business Services from Walnut Creek, CA: Fantastic response, great communications, look forward to working again.
Lexi CompUSA, Inc. Fairfield, CA: Tech was very knowledgeable!
Michael World Savings Lafayette, CA: Thanks for the great work!
Kathy from Walnut Creek, CA: Matsie is very professional and personable. He resolved our issues exactly as planned. He has just the right mix of professionalism and friendliness.
Lin from Antioch, CA: I'm so happy to have found you! THANK YOU soooooo much for everything you helped me with. I am very impressed with your skill & professionalism.
San Francisco East Bay locations we serve:
Alamo, Antioch, Benicia, Brentwood, Clayton, Concord, Danville, Dublin, Fairfield, Lafayette,
Martinez, Pacheco, Pleasant Hill, Pleasanton, Orinda, Oakley, San Ramon, San Francisco,
Walnut Creek, Vacaville, Vallejo
Download free evaluation software Panda Titanium 2006 Antivirus + Antispyware
Main Backup Security Virus Information Pricing Testimonials Purchase Computers Remote Support Contact Us Blog