Panda Software´s weekly report on viruses and intruders

This week stands out for the activation, today February 3, of the payload of the Tearec.A worm, which Panda Software has been informing users about. Although definitive reports are pending, up until now, the worm seems to have had a lower impact than expected.

However, Panda Software recommends enabling the protection installed on systems, as low expectations of the activity of a malicious code can increase its danger.

PandaLabs has also reported three other malicious codes this week: Breplibot.H, Mytob.MW and Mitglieder.HO, a backdoor Trojan, a worms and a Trojan.

The first of them, Breplibot.H, is a backdoor Trojan that receives remote control commands through port 8080. To avoid detection, it ends the processes belonging to antivirus programs and firewalls, such as those incorporated in Windows XP.

Breplibot.H cannot spread automatically using its own means and therefore, needs an attacker to distribute it.

The second malicious code is another member of the Mytob family of worms, called Mytob.MW. This version has its own IRC client, which it uses to connect to the #thirdy channel of the IRC server st0ned.fastassrides.info and wait for remote control commands to carry out on the affected computer. It also prevents the user from accessing certain web pages, which in most cases belong to antivirus manufacturers.

Mytob.MW spreads via email in a message with variable characteristics and an attachment with a zip extension, which contains the malicious code.

The last malicious code in this week’s report is Mitglieder.HO; a Trojan that tries to download several files from a list of web pages. What’s more, it connects to certain web pages to check how many computers it has infected.

Any of these three malicious codes can expose data to attackers, putting the affected user at risk. If user stores credit card numbers, online banking details or other sensitive information on the computer, they could easily and rapidly fall victim to fraud.

Panda Software recommends installing antivirus protection that does not rely on updates alone, but also incorporates intelligent technologies for detecting unknown malicious code, such as TruPrevent™ Technologies. By doing this, new malicious code designed to steal data and money will be faced with a barrier that is not easy to overcome.

For further information about these and other computer threats, visit Panda Software´s Encyclopedia.

About PandaLabs

Since 1990, PandaLabs’ mission has been to analyze new threats as soon as possible to ensure that our clients are safe. Several teams specialized in each specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc.) work 24x7 to offer global coverage. To do this they are supported by TruPrevent™ Technologies, a truly global early warning system made up of sensors that are strategically distributed and neutralize new threats and send them to PandaLabs for in-depth analysis. According to AV-Test.org, PandaLabs is the fastest in the industry to offer complete updates (more information at www.pandasoftware.com/pandalabs.asp).