Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43435
  • Total Topics: 16529
  • Online today: 3056
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 3
Guests: 2973
Total: 2976









Author Topic: Fast-Spreading P2P Worm Targets USB Drives (Palevo.DP, LimeWire, eMule, DC++ ..)  (Read 6878 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


A crafty new P2P worm appears to be spreading quickly among users of a range of popular file-sharing programs.

So far the countries affected by the worm variant BitDefender calls Palevo.DP - Romania, Mongolia or Indonesia - suggest that the worm is being driven by factors specific to those countries. However, the file-sharing and IM services affected, said to include LimeWire, Ares, BearShare, iMesh, Shareza, Kazaa, DC++, and eMule, are wirdely used around the world by a mainly young audience, so the warning for users outside these countries is clear.

The worm lures victims using a link embedded in a spam IM message, which leads to what appears to be an image file but is actually the malicious payload. From that point on, the malware burrows into the host by installing a number of files that compromise the Windows XP firewall.

By this point the criminals have control over the system and can open backdoors to install further malware or capture passwords entered using Internet Explorer or Mozilla Firefox.

Two elements make Palevo.DP interesting. First, it copies itself to network shares from the infected PC as well as USB sticks or other external drives. Any unprotected system with the Windows autorun feature turned on - basically almost every PC - will find itself infected as those drives are moved from PC to PC.

The second feature is its targeting of P2P services by adding code to shared program files. The combination of removable media and P2P gives the worm a two-pronged attack-and-spread strategy which allows it to target home systems which are then used to launch attacks on better-defended business PCs from inside the network perimeter.

"This Palevo offensive is highly aggressive and during the very beginning of the outbreak we have witnessed rates of infection which easily exceeded 500 percent per hour," said BitDefender senior researcher, Catalin Cosoi.

(PCW)

Samker's Computer Forum - SCforum.info


1edge1

  • SCF Member
  • **
  • Posts: 11
  • KARMA: 2
My laptop suddenly disable windows task manager by itself. is this a virus or a worm of some sort. McAfee and Spybot don't pick anything up. and my it seems stable. It been like this ever since I put in a flash drive

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
My laptop suddenly disable windows task manager by itself. is this a virus or a worm of some sort. McAfee and Spybot don't pick anything up. and my it seems stable. It been like this ever since I put in a flash drive

Hi 1edge1,

don't worry we'll try to help you to fix your lap. ;)

Now please visit "SCF PC Help Center": http://scforum.info/index.php?action=forum , open your own Topic and provide us all possible info's about mentioned problem.

cya there,

S.

einherjar

  • SCF Member
  • **
  • Posts: 43
  • KARMA: 5
ive been downloading anime via torrent (which is p2p.. am i right).. my mcafee vse logfiles says blocked rule prevent from mass mailing worms from sending mail.. this was not like this a few weeks back.. maybe there are new threats just poping out.. good thing im protected because it says blocked.. and yeah  my other pc, the xp one.. i cant open the task manager anymore.. my previous anti virus which is avast the free one.. detected a virus and yeah it spreads quickly.. so i scheduled a boot time scan.. and atack sa WINDOW files.. maybe that was the reason?.. everytime i open the task manager.. the icon of avast on the tray turns.. and no task manger window appears :-\.. soo.. seems my xp is still stable.. i dont mind the task manager issue but still i wonder what happend though.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
ive been downloading anime via torrent (which is p2p.. am i right).. my mcafee vse logfiles says blocked rule prevent from mass mailing worms from sending mail.. this was not like this a few weeks back.. maybe there are new threats just poping out.. good thing im protected because it says blocked.. and yeah  my other pc, the xp one.. i cant open the task manager anymore.. my previous anti virus which is avast the free one.. detected a virus and yeah it spreads quickly.. so i scheduled a boot time scan.. and atack sa WINDOW files.. maybe that was the reason?.. everytime i open the task manager.. the icon of avast on the tray turns.. and no task manger window appears :-\.. soo.. seems my xp is still stable.. i dont mind the task manager issue but still i wonder what happend though.

Hi einherjar,

probably same situation like with "1edge1"...

Also, please visit SCF "PC Help Center": http://scforum.info/index.php?action=forum open your own Topic related to this problem and We'll get you next instructions ASAP.

cya there,

S.


P.S.

SCF Team insist on using SCF "PC Help Center" because of other SCF Members which have similar problems... ;)


Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023