Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    August 2014
    S M T W T F S
    « Jul    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • About Us

    A new MS08-067 exploit silently made its entrance as the rest of the world was keeping watch on DOWNAD’s next step last week. In what seems to be a case of “old worm with new tricks,” the worm Neeris which has been active for a few years now was found updated with the now infamous MS08-067 exploit.

    Detected by Trend Micro as WORM_NEERIS.A, the number of PCs infected by this variant reportedly spiked almost at the same time that DOWNAD was supposed to do its thing. However, despite similarities between DOWNAD and Neeris, Microsoft reports that no evidence has been found suggesting any connection between the two.

    Apart from propagating through the Microsoft Server Service Vulnerability, WORM_NEERIS.A also propagates through removable drives, SQL servers, and through the instant messaging application MSN Messenger. It also drops a rootkit component, detected as RTKT.FARFLI.UW which it uses to hides its processes. This worm also opens the affected system’s port 449 and connects to a certain site where it waits for commands sent by a remote user.

    If Neeris would be able to live up to the mark left by DOWNAD is anyone’s guess for now. Sadly, the fact that another threat leveraging on the same vulnerability that had just been on the global spotlight has emerged indicates that there are still users who are unable to see the importance of updating their systems. Users must realize that cyber criminals will continue to strike as long as they keep themselves vulnerable. So please, update your systems here.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice