Staying true to its “click-worthy” social engineering tactics via instant messaging applications, WORM_SOHANAD.U - the latest SOHANAD variant discovered by Trend Micro - sends out an instant message meant to coincide with MS Vista’s worldwide consumer release. The message reads:
Microsoft to release 2007 free-of-charge packs of Winsdows Vista for its first 2007 online registered users: http://{BLOCKED}itedreporters.org/?id=ms
This message, however, is just an update of another SOHANAD variant’s message that was making the rounds in chats last November, which read:
Screenshot of new windows version _ Windows Vista http://{BLOCKED}coolpics.net/vista.jpg
Again consistent with earlier variants, WORM_SOHANAD.U carries a couple of other messages that, compared with its predecessors’, are also just updates or slight variations. It also uses the usual SOHANAD tricks of the trade: IE default page modifications, malware dropping, and Yahoo! registry alterations. Though just an update, so to speak, WORM_SOHANAD.U is proof that this malware family is very much alive and kicking. It is keeping up with the times and shows no signs of stopping.


