Tuesday, December 26, 2006

Christmas & New Year Themed Malware

Unfortunately, the malware writers seem to find it amusing to take advantage of the holiday spirit. F-Secure has posted information on three Christmas and one New Year-related infected themes used to entice recipients.
  • CHRISTMAS.EXE -- When run, this IRCBot variant will try to download various malicious executables from web servers.
  • Christmas_Puzzle.exe -- This is a backdoor which uses a rootkit to hide its presence on a system. It displays a Christmas-themed jigsaw puzzle game.
  • Christmas+Blessing-4.ppt -- This exploit has been embedded in what had been a safe Christmas PowerPoint slide show. The PowerPoint file uses MS06-012 or a related vulnerability to drop and execute two embedded programs.
  • postcard.zip -- This is a Warezov e-mail spam that hides behind a "Happy New Year" postcard.
Like a broken record, I will repeat -- please make sure your system is properly secured with a firewall, updated anti-virus protection and Microsoft Updates. Do not click on links or open attachments from sources you do not recognize.

Happy Holidays!


No comments: