 |
News sulla sicurezza
Trojan disguised as a Microsoft security patch
Thu, 19 October 2006
Avira warns against harmful program which infiltrates in the computer
Tettnang 19 October 2006 – The security experts from Avira announced that there is a Trojan in circulation, “TR/Dldr.Stration.C”, since last night. This Trojan was sent via email in the wee hours of the morning. After the user had started the computer, the Trojan will download and activate a worm already known as “Worm/Stration.C”: The infected email will then disguise in an administration email. Moreover, the email has an attachment and can be recognized after the following English subjects:
• Error
• Good day
• hello
• Mail Delivery System
• Mail Transaction Failed
• picture
• Mail Server Report
• Status
• test “Mail server report”
The file names of the attachments are very much alike the typical Microsoft patch programs like for instance: "Update-KB%Nummer%-x86.exe" or "Update-KB%Nummer%-x86.zip" whereby the placeholder is an incidental number. Furthermore, a Windows mask will pop up showing the following message: “Update successfully installed”.
“Within a few hours after the outbreak, our special observation networks, the so called traps, already contained more than 4000 copies of the Trojan. In this way we came to the conclusion that the malware was spreading strongly and very rapidly”, explains Gernot Hacker, Security Expert at Avira. “Through the new heuristic AHeAD, Avira AntiVir was able to proactively detect 36 different variants of the Trojan and to ward off reliably. Particularly these kinds of Trojans are used very often for attacks in order to infiltrate programs into the computer where they can procure the access for further criminal attacks. In the majority of cases, the users don’t even notice anything.
The affected systems are Windows operating systems running on Windows 95, 98, 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP und Windows 2003.
Therefore, Avira recommends to use antivirus software consequently and to update the protection programs on a regular basis. Avira Antivir PersonalEdition Classic is a free of charge basis protection that can be downloaded from: www.free-av.de
Detailed information about the current Trojan can be seen by accessing the following link:
http://www.avira.com/en/threats/section/details/id_vir/3026/tr_dldr.stration.c.html
About Avira
Avira is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than twenty years of experience, the company is one of the pioneers in this field.
The security expert has several locations in Germany and partnerships in Europe, Asia and America. At its headquarters in Tettnang near Lake Constance, Avira is one of the region’s largest employers with more than 180 employees. Worldwide more than 250 persons are employed and their work regularly wins awards. Avira AntiVir Personal, used by millions of private users, represents a significant contribution to security.
Avira’s national and international customers include renowned corporations listed on the stock exchange but also educational institutions and public authorities. In addition to protection of the virtual environment, Avira also provides for more protection and security in the real world by supporting the Auerbach Foundation. Established by the founder of the company, the Auerbach Foundation promotes charitable and social projects as well as the arts, culture and science.
Company Contact:
Avira GmbH
Adela Kohl/Gernot Hacker
Lindauer Str. 21
D-88069 Tettnang
Telefon: +49 (0) 7542-500 0
Telefax: +49 (0) 7542-525 10
Email: press@avira.com
Press Contact:
Jacklin Montag
LEWIS Global PR
Baierbrunner Strasse 15
D-81379 München
Tel.: +49 (0) 89-17 30 19 19
Telefax: +49 (0) 89 1730 19 99
Email: avira@lewispr.com
 Stampa questa pagina
|
|
Minacce 
.gif)
