Fizzer--a multi-threat worm that attacks via e-mail and KaZaA. (Virus Notes).
To send itself out via e-mail, "Fizzer" scans the addresses in a victim's Outlook and Windows address books or randomly attacks e-mail addresses in public e-mail systems such as hotmail.com and yahoo.com. Next, the worm, in the name of the computer owner, clandestinely sends out infected messages using different subjects, message texts and file attachment names.
"Fizzer" carries a dangerous payload that can cause confidential data to be leaked from infected computers. The worm installs a keyboard-logging program that intercepts and records all keyboard strokes in a separate log file. To transmit this information as well as other sensitive data from victim machines, "Fizzer" implements a backdoor utility (a utility making possible unauthorised, remote control of victim computers) that allows the worm's 'master" to control a computer via IRC channels as well as via HTTP and Telnet protocols undetected. Additionally, the worm regularly connects with Web page located on the Geocities server from which it attempts to download an updated version of its executable modules. Finally, to avert being detected, "Fizzer" scans the memory of victim computers and shuts down the active processes of an array of the most widely used anti-virus programs. www.kaspersky.com
|Printer friendly Cite/link Email Feedback|
|Publication:||Database and Network Journal|
|Date:||Jun 1, 2003|
|Previous Article:||Vlirus-infected E-mails received by SMES continue to rise. (Virus Notes).|
|Next Article:||Virus top twenty--May 2003. (Virus Notes).|