Worm spreads in the guise of a Security Update

Security experts at MicroWorld Technologies warn that a worm named Win32.Warezov.ms is spreading via spammed emails, disguised as system generated security warnings from the email service provider.

The smartly crafted mail is a good specimen of clever Social Engineering adopted by present day malware authors.

It goes as follows:

Dear Customer,

Our robot has fixed an abnormal activity from your IP address on sending e-mails. Probably it is connected with the last epidemic of a Worm which does not have patches at the moment. We recommend you to install a firewall module and it will stop e-mail sending. Otherwise your account will be blocked until you do not eliminate malfunction.

Customer support center robot.

Some recipients will definitely be stupefied by the System Generated appearance of the mail, says Govind Rammurthy, CEO of MicroWorld Technologies. Their deluded reflex would tell them that its originating from a machine and not created by a human being, which would benumb their ability to smell the rat. That is the very moment the malware writer was hoping for, to slip his malicious file into the victims computer.

The Warazov worm - also known as Stration - is an exe file that appears as a legitimate Windows patch. This variant is a Trojan downloader which brings in malicious files into the compromised computer by contacting various websites via HTTP. Coming with its own SMTP engine, it harvests email addresses from the victims address book and sends its copy to all those user ids.

The Warezov family has been a permanent fixture at most Top Ten Virus charts for six months in a row now. The malware creators strategy is to release countless variants of the worm with slight modifications in code to confuse AntiVirus engines. We combat this menace by incorporating an advanced Intentional and Behavioral analysis that nails down the worm, what ever may its attire be, says Govind Rammurthy.

MicroWorld Technologies makes eScan and MailScan range of products to protect Enterprises and home computers from the threats of Virus, worm, Trojan and a whole lot of other malware. They also provide highly advanced means of Anti-Spam, Anti-Phishing and Content Security, to proactively defend computers from the vices of Internet.

About MicroWorld

MicroWorld Technologies is the developer of the world's most advanced AntiVirus, Content Security and Firewall software eScan, MailScan, and eConceal. MicroWorld Winsock Layer (MWL) is the revolutionary technology that powers most of MicroWorld products enabling them to achieve several certifications and awards by some of the most prestigious testing bodies, notable among them being Virus Bulletin, Checkmark, TUCOWS, Red Hat Ready and Novell Ready.

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter