Bizex
Results 1 to 2 of 2

Thread: Bizex

  1. #1
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,429

    Bizex

    Next one in the Bin Laden-game row

    Kaspersky
    This worm uses the Internet instant messaging system ICQ to spread via the Internet.

    The worm sends ICQ users a message with a URL, which is linked to a file which contains procedures to automatically download and execute the malicious component of the worm on the victim computer.


    Propagation

    On connecting to the site http://www.jokeworld.xxx/xxx.html
    (x here is used to replace certain characters) the CHM-exploit-a is used. The result of this is that a specially constructed CHM file is automatically executed on the victim computer. This file contains another file named 'ie****er.html'; this file contains TrojanDropper, a type of Trojan written in script language. This Trojan extracts a file named WinUpdate.exe from itself to a range of system directories.
    ...

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    An update on this one appeared in today's Toronto Star:


    Spammers in league with cyber outlaws

    ERIK HEINRICH
    SPECIAL TO THE STAR

    A post-mortem on Bizex, a computer worm that attacked an estimated 100,000 PCs worldwide earlier this year, revealed something new and sinister.

    Linked to anonymously registered websites in Russia, Bizex was designed to harvest banking information from the computers it attacked, and to send out spam.

    By exploiting vulnerabilities in Internet Explorer and Windows, Bizex downloaded a special file, or Trojan, onto PCs without the knowledge of their owners. The worm was uploaded into the computer's memory when the computer started its operating system.

    It turned the PC into a zombie awaiting instructions in a kind of web version of The Manchurian Candidate, a film about a POW who has no memory of having been programmed to commit a political assassination.

    A worm is similar to a computer virus, but can be sneakier. You do not have to open an attachment or click on a hyper-link to become infected.

    The owners of PCs infected by Bizex had no knowledge of what was transpiring in the background as they surfed the web, shopped online or banked from home.

    Computers attacked this way form a vast network. And a growing problem.

    Zombie nets mainly threaten home computers. As worms such as Bizex morph into new strains, some may attack vulnerabilities in corporate computer networks, experts say.

    "Zombie nets have become the biggest issue when it comes to user vulnerability," says Tom Copeland, owner of a small Internet service-provider, and chair of the Canadian Association of Internet Providers.

    Zombie nets have been spreading rapidly on the web, he says, in part because reputable ISPs are turning away spammers who want to send out annoying pitches for products.

    "Spammers have few places to go, so they have teamed up with the authors of computer viruses for a common goal," says Copeland.

    Spammers earn money by getting their message out, and cyber outlaws make a buck by allowing spam-engines to piggyback on their malicious code, known in the hacker community as malware.

    The net result is the value of Internet communication is being seriously undermined.

    "Zombie nets have become the most attractive way for spammers to buy computing power and bandwidth," says Richard Reiner, president of Toronto-based FSC Internet Corp., an information-security company whose clients include banks, telephone companies and law firms.

    "One reason is home PCs are such an easy target, particularly if they have a high-speed connection that is always on."

    "Zombie nets are a great way to get the message out," says Jack Sebbag, Canadian general manager of McAfee Inc., a Santa Clara, Calif.-based anti-spam vendor with annual revenue of $900 million (U.S.). "Particularly if they use a host computer's personal email list, so the spam looks like it's coming from a known sender."

    Spam is a rapidly growing problem. It now accounts for 50 per cent point of all Internet mail in North America, up from about 7 per cent in 2001, says Sebbag.

    "Despite the fact that most large enterprises have installed sophisticated filters, spam continues to be a drain on productivity, bandwidth and network performance," he adds.

    Legislators are acting. The U.S. passed its first national anti-spam legislation, Controlling the Assault of Non-Solicited Pornography and Marketing, at the end of 2003.

    But five months after the law was passed, a senate committee reviewing it cited a study that found 77 per cent of email users were receiving as much or more junk mail than ever.

    Canada has no anti-spam legislation. In May 2004, the government created an anti-spam task force, which will make recommendations in spring 2005.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides