Subscribe to RSS feeds


Feb2
by Miray Lozada (Technical Communications)

Staying true to its “click-worthy” social engineering tactics via instant messaging applications, WORM_SOHANAD.U - the latest SOHANAD variant discovered by Trend Micro - sends out an instant message that hopes to coincide with MS Vista’s worldwide consumer release. The message reads:


Microsoft to release 2007 free-of-charge packs of Winsdows Vista for its first 2007 online registered users: http://{BLOCKED}itedreporters.org/?id=ms


This message, however, is just an update of another SOHANAD variant’s message that was making the rounds of chats last November which reads:


Screenshot of new windows version _ Windows Vista http://{BLOCKED}coolpics.net/vista.jpg


Again consistent with earlier variants, WORM_SOHANAD.U has a couple of other messages that when compared with its predecessors’ are also just updates or slightly different. It is also using the usual SOHANAD tricks of the trade: IE default page modifications, malware dropping, and Yahoo! registry alterations. Though just an update, so to speak, WORM_SOHANAD.U is proof that this malware family is very much alive and kicking. It is keeping up with the times and is showing no signs of stopping.




Comments are closed.



© Copyright 2008 Trend Micro IncAll rights reserved. Legal Notice