PandaLabs, the laboratory of the security software company Panda Software, warns of the spread of the new B variant of the BlackAngel worm. PandaLabs has apparently already received several incidents from users affected by this worm.
This worm spreads via Microsofts instant messaging program MSN Messenger. In order to spread through this tool, it sends messages to all the contacts in the users contacts list, disguising itself as a video called Fantasma (Ghost).
If the recipient opens the file, an image appears on screen with a text in Spanish En el 1er día te espantas, en el 2º te desesperas, en el 3º buscas ayuda y en el 4º mueres (on the 1st day you get scared, on the 2nd you get desperate, on the 3rd you look for help and on the 4th you die).
When the file is run, the BlackAngel.B code carries out several modifications to the system, which include closing different security applications (antivirus programs, firewalls, etc.) in order to avoid detection. Whats more, it tries to close a number of windows so that the user cannot use operating system configuration tools.
These windows are: Windows Task Manager, Control Panel, Registry Editor, System Configuration Utility, and System Restore.
In order to spread to the contacts in MSN Messenger, it blocks a window in this application and prevents the user from accessing it. From this window it starts a conversation with the contacts, during which it sends messages like jaja look at that or mira este video, and a Web address, from which the worm is downloaded to infect the computer.
[
Best Security Software Pricing UK]
[
Best Security Software Pricing US]
BIOS, Jun 16, 06 | Print | Send |
Comments (0) | Posted In
Security