67 new variants of the Spamta worm appear in just 7 days, re

10/5/2006. - The creator of these malicious codes continues to saturate the Internet with multiple variants of this code to increase the probability of a computer being infected; The proactive TruPreventTM Technologies can detect and block the Spamta worms, so computers that have them installed have been protected from these malicious codes from the outset.

PandaLabs continues to detect new variants of the Spamta email worms. In fact, 67 new variants of this worm have been identified in the last 7 days, bringing the total number of Spamta variants in circulation to almost one hundred. The latest variant detected so far is Spamta.GO.

All the Spamta variants in circulation are very similar, with the only differences being the email messages they use as a bait, the size or compression format of the files that contain the worms, or the files that they copy to computers. The messages that they display when run can also vary. The CY variant, for example, opens Notepad, which shows a series of garbled characters, whereas the FQ variant opens a dialog box saying that a program update has been successfully installed.

The strategy of the worms’ creator is very clear: to put as many variants of this worm as possible in circulation in order to increase the probability of a computer being infected by one of them. What remains unclear, however, is the purpose behind these actions, as these malicious codes seem to be the typical email worms intended to send themselves out to as many addresses as possible: “Actually these new variants do not fit the new malware dynamic, whose purpose is for creators of threats to make easy money. Rather, we think these are tests aimed at finding a malicious code that can quickly propagate to as many computers as possible. Once this is achieved, it is very probable that the creator will try to include some new features that allow them to carry out much more harmful actions”, explains Luis Corrons, director of PandaLabs.

The TruPreventTM proactive protection technologies have detected and blocked all these new worms, so computers with these technologies installed have been immune to attacks from these malicious codes from the outset.

Panda Software clients that don´t yet have TruPreventTM Technologies have the updates available to install them along with their antivirus and ensure they have preventive protection against unknown viruses and intruders. More information about TruPreventTM Technologies at http://www.pandasoftware.com/truprevent.

To help as many users as possible scan and disinfect their systems, Panda Software offers its free, online anti-malware solution, Panda ActiveScan, at http://www.activescan.com. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free from http://www.pandasoftware.es/partners/webmasters/.

For further information about these and other computer threats, visit Panda Software´s Encyclopedia.

About PandaLabs
Since 1990, PandaLabs’ mission has been to analyze new threats as soon as possible to ensure that our clients are safe. Several teams specialized in each specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc.) work 24x7 to offer global coverage. To do this they are supported by TruPrevent™ Technologies, a truly global early warning system made up of sensors that are strategically distributed and neutralize new threats and send them to PandaLabs for in-depth analysis. According to AV-Test.org, PandaLabs is the fastest in the industry to offer complete updates (more information at www.pandasoftware.com/pandalabs.asp).

Oxygen3 24h-365d
by Panda Software

2006-10-06 15:58

Back

IT News: