SAN DIEGO, Calif. --(Business Wire)-- Feb. 6, 2006 -- ESET, a global security software company providing next-generation malware protection, today warned customers of two new Bagle virus variants proliferating via the Internet that can cause significant computer damage. ESET noted a Bagle variant, Win32/Bagle.FA, on February 3, and it spread rapidly yesterday during the Superbowl football game, along with a slightly older variant, Win32/Bagle.EZ. ESET Threat Labs have determined that the variants disable antivirus programs and modify the system's hosts file so they cannot be updated.

Internet Telephony Conference and Expo

The new Bagles are "Trojan downloaders," which install malicious files from an Internet location to create a backdoor into a machine, surpassing other computer defenses. Once the backdoor is installed, user systems are left unprotected to new viruses, since virus signatures are not updated properly. -0- *T To identify suspect emails, IT administrators should look for emails where either the subject line and body lines may contain the text: Price February price, and the attachments may be .zip files with any of the following names price pricelst pricelist price_lst new_price February_price 21_price. *T

Posted by Spencer Cuffe in Virus & AntiVirus News at 13:42

SAN DIEGO, Calif. --(Business Wire)-- Feb. 6, 2006 -- ESET, a global security software company providing next-generation malware protection, today warned customers of two new Bagle virus variants proliferating via the Internet that can cause significant computer damage. ESET noted a Bagle variant, Win32/Bagle.FA, on February 3, and it spread rapidly yesterday during the Superbowl football game, along with a slightly older variant, Win32/Bagle.EZ. ESET Threat Labs have determined that the variants disable antivirus programs and modify the system's hosts file so they cannot be updated.

Internet Telephony Conference and Expo

The new Bagles are "Trojan downloaders," which install malicious files from an Internet location to create a backdoor into a machine, surpassing other computer defenses. Once the backdoor is installed, user systems are left unprotected to new viruses, since virus signatures are not updated properly. -0- *T To identify suspect emails, IT administrators should look for emails where either the subject line and body lines may contain the text: Price February price, and the attachments may be .zip files with any of the following names price pricelst pricelist price_lst new_price February_price 21_price. *T

Posted by Spencer Cuffe in Virus & AntiVirus News at 13:42

By Frank Washkuch Jr

January is the newest worst month on record for PC viruses, according to a report released by Sophos.

The firm said that 2,312 new articles of malware appeared last month, an increase of more than one-third since December.

The Sober worm, called W32/Sober-Z by Sophos, accounted for nearly 45 percent of all malware. However, its recent dominance as the most frequently seen type of malware is set to end, the firm warned, because it stopped spreading on Jan. 6.

The Nyxem or Kama Sutra worm, which first appeared on Jan. 18, accounted for 3.6 percent of all malware recorded by the company last month. The worm, which lures users into downloading it by offering what it says is pornographic material, was set to delete PC files on Friday, but has so far failed to live up to expectations.

Graham Cluley, senior technology consultant for Sophos, said viruses that use porn as a lure will always have some level of success.

"If you look at the rest of the chart, it's mostly made of old viruses," he said. "There will always be a portion of people who think with their trousers instead of their brains and they'll get their computer infected."

Posted by Spencer Cuffe in Virus & AntiVirus News at 13:35

By William Eazel

Russian security company Kaspersky Lab has discovered a worrying phenomenon in the wake of Microsoft's security gaffe over the .wmf exploit at the end of last year, claiming that hackers are tailoring and selling zero-day malware for specific markets.

Kaspersky claims that exploits for the .wmf vulnerability that emerged over Christmas were being developed specifically for the Russian market, away from the eyes of security companies.

"Around the middle of December, this exploit could be bought from a number of specialised sites," the company said.

"It seems that two or three competing hacker groups from Russia were selling this exploit for $4,000. One of the purchasers is involved in the criminal adware/spyware business, and it seems likely that this was how the exploit became public."

Posted by Spencer Cuffe in Virus & AntiVirus News at 13:33