[virusinfo] TruPrevent(TM) Technologies neutralize two new variants of Mytob without previous identification - 6-02-05]

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Thu, 02 Jun 2005 10:30:53 -0700

From Panda Oxygen3:

"Better to rely on one powerful king than on many little princes."
             Jean de La Fontaine (1621 - 1695) French poet 

       - TruPrevent(TM) Technologies neutralize two new variants
              of Mytob without previous identification - 
     Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) 

MADRID, June 2 2005 - According to PandaLabs, two new and potentially
dangerous variants of the Mytob worms, -EC and EB-, are spreading via email
around the world.  The TruPrevent(TM) proactive detection technologies
developed by Panda Software to detect and block unknown malware, have been
effective in preventing attacks from this malicious code, so users who have
these technologies installed on their computers have been protected from
the outset, unlike those with traditional antivirus products, who would
have to wait up to several hours for the update of the signature file.

In this case, the need to use proactive technologies such as TruPrevent(TM)
is even more pressing, as these variants of Mytob are designed to prevent
antivirus products installed on a computer from updating, and if successful
will leave users unprotected against this threat.  In order to block these
updates, the worms modify the system HOSTS file.

When they run, these two malware variants terminate all types of processes
to avoid being detected.  They also open a backdoor on the computer to
allow the entry of commands and files sent by a remote user through IRC
channels, and therefore this multi-purpose malware is potentially very
dangerous.

These worms employ the usual email techniques in order to spread: sending
themselves to addresses that they get from certain files within the
infected computer, and including the virus itself in a compressed ZIP
attachment, in a message which is normally in English, warning of the
closure of email accounts and asking the potential victim to open the
attached ZIP file to continue using the supposed account.

"We are increasingly seeing new variants of malware that include both the
termination of processes associated with antivirus products, and the blocking
of the computer's communication with certain websites, such as those
through which the antivirus is updated", explains Luis Corrons, director
of PandaLabs.  "For this reason, the barrier provided by proactive
technologies is vital, as they don't need to be updated for every new
example of malware in order to be effective.  The idea is to be one step
ahead in terms of antivirus protection, based on interception and
prevention."

The effectiveness against new malware of traditional antiviruses depends on
the reaction time of security companies and of users, and therefore when
dealing with a rapidly spreading malicious code, the chances of a computer
being infected -even with an updated antivirus installed- are very high. 
The solution to this problem involves using proactive solutions, such as
TruPrevent(TM) Technologies, which detect and block unknown malware
 without having previously identified it.

According to Luis Corrons: "TruPrevent(TM) Technologies determine the
presence of malware by analyzing its behavior.  These innovative
technologies monitor the actions taken by an application, and if
-collectively- they could be damaging to the system, they block them and
send the suspicious file to PandaLabs, where the potential threat is
analyzed in-depth and if necessary the corresponding vaccine is generated.
TruPrevent(TM) Technologies are not a substitute for traditional
antiviruses but a complement and correspond to the strategy of Panda
Software of obtaining the highest possible levels of security against
Internet threats using a combination of technologies.

"Since they were launched in August 2004 TruPrevent(TM) Technologies have
detected more than 6000 examples of previously unknown malware.  This also
enables us to be the fastest in generating vaccines against new malware for
our traditional antivirus solutions", concludes Corrons.

Panda Software's clients can already access the updates for installing the
new TruPrevent(tm) Technologies along with their antivirus protection,
providing a preventive layer of protection against new malware. For users
with a different antivirus program installed, Panda TruPrevent(tm) Personal
is the perfect solution, as it is both compatible with and complements
these products, providing a second layer of preventive protection that acts
while the new virus is still being studied and the corresponding update is
incorporated into traditional antivirus programs, decreasing the risk of
infection. More information about TruPrevent(tm) Technologies is available
at: www.pandasoftware.com/truprevent

In order to help as many users as possible scan and disinfect their
computers, Panda Software offers Panda ActiveScan, free of charge, at
http://www.pandasoftware.com. 

For further information about the malicious code mentioned above, visit
Panda Software's Virus Encyclopedia at
http://www.pandasoftware.com/virus_info/encyclopedia/.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

------------------------------------------------------------ 

The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner:
1)Qhost.gen; 2)Netsky.P; 3)Sdbot.ftp; 4)Mitglieder.DC; 5)Mhtredir.gen.

------------------------------------------------------------
To contact Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE'S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 
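
The HOSTS-file tampering described in the release above can be checked for by parsing the file and flagging any entry that pins a security vendor's hostname to a fixed address. This is an added example, not code from Panda Software or from the original post; the watched domains and the sample file contents are constructed placeholders.

```python
import ipaddress

# Constructed watch list: placeholders for the vendor/update domains that the
# security products on your own machines actually contact.
WATCHED_DOMAINS = {"av-vendor.example", "other-av.example"}

# Constructed sample of a tampered HOSTS file (not taken from a real infection).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       www.av-vendor.example   updates.av-vendor.example
0.0.0.0         liveupdate.other-av.example  # trailing comment
10.1.2.3        intranet.corp.example
203.0.113.7     AV-Vendor.example.
not-an-ip       junk.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for every well-formed entry."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first column is not an IP
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]

def is_watched(host, watched):
    """True if host is a watched domain or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in watched)

def find_update_blocks(text, watched=WATCHED_DOMAINS):
    """Return (line_no, host, ip, kind) for each watched name in the file.

    kind is 'sinkhole' when the name points at loopback or 0.0.0.0 (updates
    silently fail) and 'redirect' when it points at any other address.
    """
    findings = []
    for line_no, ip, hosts in parse_hosts(text):
        kind = "sinkhole" if (ip.is_loopback or ip.is_unspecified) else "redirect"
        for host in hosts:
            if is_watched(host, watched):
                findings.append((line_no, host, str(ip), kind))
    return findings

if __name__ == "__main__":
    for finding in find_update_blocks(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

On Windows the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`; any hit for a vendor domain deserves a look, since a legitimate HOSTS file rarely names those hosts at all.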


