Latest Virus Making the Rounds

30 November -0001

In case "You've received an ecard from a family member" recently you should be aware that this is a fairly insidious piece of virus/malware now making the rounds. A full write up can be found at the Internet Storm Center (http://isc.sans.org/diary.html?storyid=3063), but in a nutshell the links in the email will point you towards malware sites. These websites will attempt to exploit three separate vulnerabilities via JavaScript (a Quicktime vulnerability, a WinZip one and a WebViewFolderIcon vulnerability). Just goes to show you that you need to keep your software up to date! If any of these exploits succeed a small executable will be downloaded and run on your machine. The websites also provide links to the downloadable executables so you can download the virus and infect yourself (how considerate). Be warned that as of this writing most major virus detection suites won't flag these executables. Once run the virus turns the host machine into a zombie bot on a P2P network that can be used for sending more spam, hosting other viruses or God knows what else.