Printer Friendly

Fizzer--a multi-threat worm that attacks via e-mail and KaZaA. (Virus Notes).

"Fizzer' is a classic network worm that propagates across the Internet. It arrives at the target computers as an executable file and activates when a user launches it. Once this happens "Fizzer" cremes 5 additional files and modifies the Windows registry auto-run section so that the worm loads each time the operating system is started. Distinctive, though certainly not a unique characteristic of this worm, is its multiple treat construction: the worm is equally effective at spreading itself via both e-mail and the KaZaA file-sharing network.

To send itself out via e-mail, "Fizzer" scans the addresses in a victim's Outlook and Windows address books or randomly attacks e-mail addresses in public e-mail systems such as hotmail.com and yahoo.com. Next, the worm, in the name of the computer owner, clandestinely sends out infected messages using different subjects, message texts and file attachment names.

"Fizzer" carries a dangerous payload that can cause confidential data to be leaked from infected computers. The worm installs a keyboard-logging program that intercepts and records all keyboard strokes in a separate log file. To transmit this information as well as other sensitive data from victim machines, "Fizzer" implements a backdoor utility (a utility making possible unauthorised, remote control of victim computers) that allows the worm's 'master" to control a computer via IRC channels as well as via HTTP and Telnet protocols undetected. Additionally, the worm regularly connects with Web page located on the Geocities server from which it attempts to download an updated version of its executable modules. Finally, to avert being detected, "Fizzer" scans the memory of victim computers and shuts down the active processes of an array of the most widely used anti-virus programs. www.kaspersky.com
COPYRIGHT 2003 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2003, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Publication:Database and Network Journal
Date:Jun 1, 2003
Words:284
Previous Article:Vlirus-infected E-mails received by SMES continue to rise. (Virus Notes).
Next Article:Virus top twenty--May 2003. (Virus Notes).


Related Articles
Nimda - how it works. (VIRUS NOTES).
Securing the Enterprise Against Blended Security Threats. (Special Advertising Feature).
Network worm "Roron"--red alert. (Virus Notes).
The Bibrog worm: stay ahead of the game. (Security).
Bugbear-B worm major irritant of 2003. (Virus Notes).
The top ten viruses in 2003.
MyDoom worm spreading fast.
"We don't need no education"--Netsky-Z worm contains website attack.
Netsky--R latest in barrage of warring worms.
2006 annual threat round-up and 2007 forecast: a special report by Trend Micro- December 2006 David Sancho, threat specialist Jamz Yaneza, senior...

Terms of use | Privacy policy | Copyright © 2019 Farlex, Inc. | Feedback | For webmasters