a new wave of spam

symy@nufc
Posts: 295 Forumite
in Techie Stuff
Please be aware of the new spam.
During the last 48hrs virus writers have been taking advantage of the winter storms in Europe to launch a new wave of attacks on computers around the globe.
This particular attack tries to get the user to "execute" a malicious file attached to an email that contains a Trojan horse.
The email and its attachment pose as information about the dreadful weather that Europe has currently been experiencing.
(Something I can personally vouch for as a roofing contractor has only just left my house after replacing tiles blown off in the strong winds!)
The Trojan is being distributed in emails with message subjects like:
- 230 dead as storm batters Europe.
- British Muslims Genocide
- Naked teens attack home director.
- A killer at 11, he's free at 21 and kill again!
- U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
The email will have an attachment that contains the Small.DAM Trojan.
The attachments may contain one of the following filenames:
- Full Clip.exe
- Full Story.exe
- Read More.exe
- Video.exe
If executed (clicked on) the "payload" turns the user's computer into a machine that can be controlled remotely by the "hackers" from anywhere in the world!
Turning the computer into what is commonly known as a "zombie".
UK anti-virus firm Sophos reports that the malware accounts for one in every 200 emails it has monitored over the last 12 hours. Two in every three reports of malware tracked by Sophos on Friday involved reports of the Trojan.
By focusing on a topical subject like the news of storms of up to 200kmph the writers of this malicious program expect users to let their guard down and open the attachment!
In doing so they can turn their computer into a machine that is at the mercy of the hackers, who can use the infected machine to send out spam email or even capture the personal information of the computer owner...
For you techies reading this article, Small.DAM contains an advanced kernel mode driver that is dropped onto the infected computer:
%SysDir%\wincom32.sys - Kernel mode driver component
%SysDir%\peers.ini - Initialization file component
It also installs itself as a service with the name "wincom32" by creating the following registry keys:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wincom32]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINCOM32]
It now appears that the writers of the malicious Trojan Small.DAM have launched a second wave of emails on the public, due to the success they have had with the first wave...
It is still the same malicious program but with new subject lines like:
- Radical Muslim drinking enemies's blood.
- Chinese missile shot down Russian satellite
- Chinese missile shot down Russian aircraft
- Chinese missile shot down USA aircraft
- Chinese missile shot down USA satellite
- Russian missile shot down USA aircraft
- Russian missile shot down USA satellite
- Russian missile shot down Chinese aircraft
- Russian missile shot down Chinese satellite
- Saddam Hussein safe and sound!
- Saddam Hussein alive!
DON'T GET CAUGHT OUT!
Make sure you have an up to date antivirus package on your computer - if you do not have the funds for one then do not let that be an excuse, take a look at the free version from Grisoft.com
dont drink and drive:beer: :beer:
come on the toon!!
This discussion has been closed.
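
A mail-gateway triage check for the attachment names and subject lines listed in the post, as an added example that is not part of the original post. It goes beyond the four listed filenames by flagging any attachment with a directly executable extension; the extension set, the function names and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PureWindowsPath

# Attachment names listed in the post; subjects are a subset of its lists.
KNOWN_NAMES = {"full clip.exe", "full story.exe", "read more.exe", "video.exe"}
KNOWN_SUBJECTS = {"230 dead as storm batters europe.", "saddam hussein alive!"}
# Assumption: extensions a gateway treats as directly executable on Windows.
EXEC_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}

def triage(raw: bytes) -> list[str]:
    """Return the reasons to quarantine a message (empty list = pass)."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    subject = str(msg["Subject"] or "").strip().lower()
    if subject in KNOWN_SUBJECTS:
        reasons.append("subject matches campaign list")
    # walk() visits nested parts too, so forwarded attachments are covered.
    for part in msg.walk():
        # get_filename() decodes RFC 2231 / RFC 2047 encoded names.
        name = (part.get_filename() or "").strip()
        if not name:
            continue
        # Drop any path and the trailing dots/spaces Windows ignores.
        base = PureWindowsPath(name).name.rstrip(". ").lower()
        ext = PureWindowsPath(base).suffix
        if base in KNOWN_NAMES:
            reasons.append(f"attachment name on campaign list: {name}")
        elif ext in EXEC_EXTS:
            # Catches renamed copies and double extensions (x.pdf.scr).
            reasons.append(f"executable attachment: {name}")
    return reasons

def sample(subject: str, filename: str) -> bytes:
    """Build a constructed message with a harmless placeholder attachment."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("See attached.")
    m.add_attachment(b"placeholder", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(sample("230 dead as storm batters Europe.", "Full Story.exe")))
    print(triage(sample("Holiday photos", "beach.jpg")))
```

Matching on the extension rather than on the subject line is what keeps the check useful when a later wave changes its subjects, as the second wave described in the post did.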