NEW DELHI: Trend Micro, Inc., provider of network antivirus and Internet content security software and services, has issued a medium risk alert for WORM_WURMARK.J, a memory-resident worm, which has been seen spreading by email throughout Asia and Europe. Upon execution, it drops a copy of itself in the Windows system folder using a random file name.
According to the press release, it also drops a randomly named (Dynamic Link Library) DLL file in the Windows system folder, which is a component of an IESpy, a Spyware program. This is the first time a worm has been identified, containing a commercial spyware program, the release states.
WORM_WURMARK.J has a separate keylogging capability built into the malware. It saves the logs typed by the user in a dropped random DLL file; WURMARK also collects any information entered into new text files. On execution, WURMARK drops several zip files in the Windows system folder as email attachments.
The subject of the email varies, using a number of words such as "details", "girls" "music" and "readme". Using basic social engineering methods, it entices users to open the .zip files with names like "love.zip", "image.zip" and "screensaver.zip". The message body however is blank.
Malicious spyware on the prowl
New Update
/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
 Follow Us
 Follow Us