By John Leyden

Today brings further proof that no human disaster these days arises without been exploited by internet ne'er-do-wells. Hot on the heels of a spam campaign punting Tamiflu, the drug believed most effective at protecting humans from the potentially-lethal H5N1 strain of the bird flu virus, comes a piece of malware designed to tap into topical concerns about the disease.

The Naiva-A Trojan masquerades as a Word document containing information about the bird flu epidemic in order to dupe unwitting Windows users into opening the maliciously constructed file. Once executed, the malware uses two Word macros to run and install a second item of malicious code, Ranky-FY, onto infected PCs. Ranky-FY gives hackers the ability to control compromised PCs.

Posted by Greg Hewitt-Long in Adware, Spyware and Trojans at 10:38

By Michael Myser

Security researchers have identified a rootkit being spread through AOL's popular instant messaging client and AOL chat rooms.

Bundled within the previously identified W32/Sdbot-ADD worm, the lockx.exe rootkit file is installed when users click on the file link within the IM window. Though neither the worm nor the rootkit file are new, it appears to be the worm's first foray into the AIM (AOL's Instant Messenger) network. What's more troubling is that rootkits haven't previously been spread via IM.

"This is the first instance of a rootkit coming through the IM vector," said Tyler Wells, senior director of engineering for FaceTime Communications.

Posted by Greg Hewitt-Long in Adware, Spyware and Trojans at 10:34

By John Leyden

The Anti-Spyware Coalition (ASC), an alliance of software companies, security firms and consumer groups, finalised its definitions of spyware on Thursday.

The group defined spyware and other potentially unwanted technologies as those deployed without appropriate user consent and/or implemented in ways that impair user control over: material changes that affect their user experience, privacy, or system security; use of their system resources, including what programs are installed on their computers; and/or collection, use, and distribution of their personal or other sensitive information.

ASC also published a "risk modeling" document that explains the criteria anti-spyware vendors use to determine whether or not to label a piece of software as "spyware." The document, which contains a fair amount of technical detail, is designed to help consumers to better understand how security products work, as well as offering anti-spyware companies guidelines for their own proprietary rating processes. The risk modeling language will be open for public comment until 27 November on the ASC Web site.

Posted by Greg Hewitt-Long in Adware, Spyware and Trojans at 07:57

In a review by "The Journal Online - Technology Horizons in Education", NOD32 beat our 13 competitors in every category except memory usage - where it came in a very respectable second place - to a solution which wasn't really ranked highly in all other test!

More details here:

http://www.thejournal.com/magazine/vault/articleprintversion.cfm?aid=5421

Posted by Greg Hewitt-Long in NOD32 News at 12:55