BitDefender warns of a new variant of the Palevo worm that can compromise unprotected systems through links to fake photo galleries sent via instant messaging programs.

The latest member of the Palevo family began spreading in recent days with an enormous wave of automatically generated spam. The unsolicited message asks the recipient to click on a link, accompanied by a smiley face, that supposedly shows a picture or a photo gallery. Instead of opening the alleged collection of images, the link prompts users to save what looks like a .JPG file but is actually an executable that hides Worm.P2P.Palevo.DP.

If your system is not protected against Palevo.DP infections, the problem can become serious. To begin with, the worm creates several hidden files in the Windows folder (mds.sys, mdt.sys, winbrd.jpg, infocard.exe) and modifies some registry keys to point to those files, with the intention of getting past the operating system's firewall.

Like other malware of the same family, Palevo.DP has a backdoor component that allows attackers to take control of the compromised computer and do whatever they want, from installing other malware and stealing files to launching spam campaigns and so on. The Palevo family can intercept passwords and other sensitive data in Mozilla Firefox and Microsoft Internet Explorer, making e-banking or online shopping extremely risky for users.

The propagation mechanism also targets network shares and USB storage devices, on which it creates an autorun.inf file. When the disk or removable storage is inserted into a machine that has the Autorun feature enabled or is not protected by a security solution with on-access scanning, the system is infected automatically. The Palevo worm affects users of P2P file-sharing platforms such as Ares, BearShare, iMesh, Shareaza, Kazaa, DC++, eMule and LimeWire, adding its own malicious code to the shared files.
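As an added triage example (not BitDefender's code), the Python sketch below checks a directory tree for the three artifacts the article describes: the listed file names, an executable saved with a .JPG extension, and an autorun.inf at the root of a volume. The function names, reason labels and sample files are assumptions constructed for this example.

```python
import os
import pathlib
import tempfile

# File names the article says Palevo.DP drops in the Windows folder.
PALEVO_DP_NAMES = {"mds.sys", "mdt.sys", "winbrd.jpg", "infocard.exe"}

def is_pe(path):
    """True if the file starts with 'MZ', the magic of a Windows executable."""
    try:
        with open(path, "rb") as fh:
            return fh.read(2) == b"MZ"
    except OSError:
        return False

def scan(root):
    """Walk root and return sorted (relative_path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            lower = name.lower()
            if lower in PALEVO_DP_NAMES:  # a name match alone is a weak signal
                findings.append((rel, "listed-filename"))
            if lower.endswith((".jpg", ".jpeg")) and is_pe(full):
                findings.append((rel, "executable-with-image-extension"))
            if lower == "autorun.inf" and dirpath == root:
                findings.append((rel, "autorun-at-volume-root"))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree: harmless placeholder bytes, not malware."""
    samples = {
        "photo_gallery.JPG": b"MZ\x90\x00 constructed placeholder",
        "holiday.jpg": b"\xff\xd8\xff\xe0 constructed JPEG header",
        "Windows/mds.sys": b"constructed",
        "autorun.inf": b"[autorun]\n",
        "docs/autorun.inf": b"[autorun]\n",
    }
    for rel, data in samples.items():
        p = pathlib.Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(data)

if __name__ == "__main__":
    root = tempfile.mkdtemp()
    build_sample(root)
    for rel, reason in scan(root):
        print(f"{reason}: {rel}")
```

Pointing `scan()` at a mounted removable drive or a downloads folder gives a quick first pass; a hit is a lead for a proper antivirus scan, not a verdict.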