Latest Microsoft Vulnerability Used to Steal Confidential Data, According to PandaLabs
GLENDALE, Calif., Oct. 28 /PRNewswire/ — PandaLabs, Panda Security’s malware analysis and detection laboratory, has detected several malicious files that are exploiting the latest vulnerability announced by Microsoft (MS08-067) to infect users and steal confidential data, including instant messaging passwords, and online login credentials.
The vulnerability affects Microsoft Windows 2000, Windows XP and Windows Server 2003. Individuals can check their systems here:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
The risk involved in this type of vulnerability is considerable. Users are strongly advised to update their systems as soon as possible, as cyber-criminals have already begun to exploit this security flaw. As long as computers remain unpatched, they will be vulnerable to any of these new malicious codes.
“In addition to email and infected downloads, these vulnerability-exploiting malicious codes are being distributed directly across the Internet, even from legitimate Web pages, so users won’t even realize they have been infected,” explains Luis Corrons, technical director of PandaLabs.
One particular strain of malware that exploits this security hole, the Gimmiv.A Trojan, enables its creators to take complete control of the compromised system.
Once a computer has been infected, the Trojan starts gathering the following information:
– User names and passwords entered in Web pages
– MSN Messenger passwords
– Outlook Express passwords
– System user name
– Computer name
– Patches installed
– Information about the browser
All stolen information is encrypted using the Advanced Encryption Standard (AES) and sent to a remote server.
“As the Trojan allows systems to be controlled remotely, they can then be used maliciously, say, for sending spam or storing stolen data,” explains Corrons. “Instant messaging is widely used in both corporate and domestic environments nowadays and this Trojan gives cyber-crooks complete access to information sent across this channel.”
PandaLabs advises users to update their operating systems as soon as possible and carry out a full scan of their computers. This can be done for free here: http://www.pandasecurity.com/activescan
About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 94% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented by the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc.), who work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog: http://www.pandalabs.com/
About Panda Security
Panda Security is one of the world’s leading IT security providers, with millions of clients around the globe and products available in over twenty languages. Our mission is to keep our customers’ information and IT assets safe from security threats, giving them the most effective protection with the minimum resource consumption.
Every day, thousands of new malicious codes are created. To combat this threat, Panda Security has developed an innovative and unique security model, which can automatically analyze and classify thousands of new malware samples. This model is collective intelligence and ensures that Panda Security solutions can protect against far more threats than the products of any other company. The exceptional detection capacity of collective intelligence can be put to the test at the Infected or Not website (http://www.infectedornot.com/).
Source: Panda Security