June 11
June 11 - Weekly report on viruses and intrusions - Virus Alerts, by Panda Software http://www.pandasoftware.com


Madrid, June 11 2004 - This week's report on viruses and intrusions will
deal with three worms: Plexus.B, Korgo.H and Korgo.I, and the Trojan
Downloader.GK.

Plexus.B is a variant that bears a lot of similarities to the original worm
and uses various means of propagation. It can enter computers directly from
the Internet by exploiting the LSASS Windows vulnerability and it can send
itself as attachment to an e-mail message. It is also designed to spread
across networks and using the file-sharing program (P2P) KaZaA.

Even though Plexus.B can only directly enter computers running Windows XP or
2000, it can still affect other Windows platforms. In these cases however,
it needs the user to execute the infected file.

Plexus.B modifies the Windows host file, overwriting its content. In this
way, it prevents the user from accessing the website of a well-known
antivirus company.

Korgo.H and Korgo.I are two new members of this prolific family of worms
that exploit the Windows LSASS vulnerability. By using this operating system
flaw, they spread across the Internet and automatically enter computers.
Like Plexus.B, the two variants of Korgo also affect all Windows platforms,
although they only automatically infect systems running XP and 2000.

Once they install themselves on a computer, Korgo.H and Korgo.I open several
TCP ports and wait to receive a file to run on the infected computer. To
this end, they also try to connect to several IRC servers.

Finally, Downloader.GK is a Trojan that downloads and runs two adware
programs (Adware/BetterInet and Adware/SearchCentrix) on the infected
computer. It doesn't spread on its own, but is downloaded from certain web
pages when the user accepts the installation of a specific ActiveX control.

For further information about these and other computer threats, visit Panda
Software's Encyclopedia:
http://www.pandasoftware.com/virus_info/encyclopedia/

Additional information

- Port / Communication port: Point through which a computer transfers
information (inbound / outbound) via TCP/IP.

- P2P (Peer to peer): A program -or network connection- used to offer
services via the Internet (usually file sharing), which viruses and other
types of threats can use to spread. Some examples of this type of program
are KaZaA, Emule, eDonkey, etc.

More technical definitions at:
http://www.pandasoftware.com/virus_info/glossary/default.aspx

My Beloved country






What kind of windows are u running on?
What kind of windows are u running on?

view results


Panda ActiveScan - Free Online Virus Check





Supports Internet Explorer & Netscape







Google
WWW http://alanlim.htmlplanet.com





© Copyright 2004 Alan Lim. All Rights Reserved