Warning: ob_start() [ref.outcontrol]: output handler 'ob_gzhandler' conflicts with 'zlib output compression' in /home/antispyware/public_html/wp-includes/functions.php on line 336
Pozor na nov?ho trojsk?ho ko??a Trojan.Peacomm · Spyware, malware a v?rusy - AntiSpyware.sk
« ESET NOD32 aktualiz??cia 2007 (20070125)
Programov?? aktualiz??cia pre AVG Antivirus 7.5.441 »

Pozor na nov?ho trojsk?ho ko??a Trojan.Peacomm

Od piatku 19.1.2007 zaznamenali antiv?rov? spoločnosti zv????en?? aktivitu trojsk?ho ko??a s n??zvom Trojan.Peacomm. VzhĞadom k relat?vne kĞudn?mu koncu roku 2006 ide o prv? v???nej??ie ohrozenie tohoto roka. V ka?dom pr?pade doporučujeme overi??, ?e na v??etk??ch antiv?roch pou??vate defin?cie s d??tumom 19.1.2007 alebo nov???m.

V?rus sa ???ri pomocou elektronickej po??ty. Spozn??te ho jednoducho, do predmetu spr??vy vklad?? n??hodne “senzačn?” texty, ktor? by mali vies?? pr?jemcu k rychl?mu otvoreniu pr?lohy.

Pr?klady textov:

  • 230 dead as storm batters Europe.
  • Re: Your text
  • Radical Muslim drinking enemies’s blood.
  • Chinese missile shot down Russian satellite
  • Chinese missile shot down Russian aircraft
  • Chinese missile shot down USA aircraft
  • Chinese missile shot down USA satellite
  • Russian missile shot down USA aircraft
  • Russian missile shot down USA satellite
  • Russian missile shot down Chinese aircraft
  • Russian missile shot down Chinese satellite
  • Saddam Hussein safe and sound!
  • Saddam Hussein alive!
  • Fidel Castro dead.

K spr??ve je prilo?en?? .EXE s??bor, ktor?? na poč?tač nain??taluje ovl??dač (%System%\wincom32.sys). Tento ovl??dač n??sledne začne s??ahova?? ďal??? ??kodliv?? k??d.

Pr?klady mien prilo?en??ch s??borov:

  • FullVideo.exe
  • Full Story.exe
  • Video.exe
  • Read More.exe
  • FullClip.exe
  • GreetingPostcard.exe
  • MoreHere.exe
  • FlashPostcard.exe
  • GreetingCard.exe
  • ClickHere.exe
  • ReadMore.exe
  • FlashPostcard.exe
  • FullNews.exe

Doporučenia pre zastavenie ???renia n??kazy:

  1. Obmedzi?? pr?stup k UDP portom, ktor? n??kaza pou??v?? pre svoje ???renie. Jedn?? sa o porty UDP 7871 a UDP 4000.
  2. Zaisti??, aby v??etky aplik??cie a operačn? syst?my obsahovali v??etky kritick? z??platy (patche) doporučovan? v??robcom.
  3. Na po??tovn??ch serveroch by malo bez v??nimiek doch??dza?? k blokovaniu pr?loh so spustiteĞn??mi s??bormi: .EXE, .VBS, .BAT, .PIF, .SCR, .COM.
  4. Maxim??lne obmedzi?? počet be?iacich slu?ieb na skutočne pou??van?. T??m sa op??? zn??i mo?nos?? n??kazy prostrednictvom ch??baj??cej bezpečnostnej z??platy.
  5. Pou??va?? siln? hesl?? pre ochranu ulo?en??ch ??dajov. V pr?pade ??spe??n?ho napadnutia a odoslania inform??ci? ??točn?kovi sa zni?uje mo?n?? ??koda zo zneu?itia ??dajov.

zdroj: www.symantec.com

This entry was posted on Pondelok, Január 29th, 2007 at 8:31 am and is filed under Novinky. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

TOPlist