This week saw a number of threats showing low to medium prevalence, says Brett Myroff, CEO of Sophos distributor, Netxactics.
"Among these, Troj/Agent-GAO, a Trojan for the Windows platform, creates a registry entry when first run and copies itself to system files.
"While not a major concern for companies whose security software includes the latest updates to protect against this Trojan, it could still wreak havoc for organisations not adequately protected," he notes.
"W32/Kies-A, a virus and network worm for the Windows platform, is also spreading by infecting executable files on local drives and available network shares. It downloads code from a preconfigured Web site and executes it.
"Troj/Mailbot-CG, a backdoor Trojan for the Windows platform, has also been noted and includes a number of aliases: SpamTool.Win32.Agent.u, Spam-Xarvester Trojan and Spammer:Win32/Agent.u.
"The Trojan gives remote intruders access to a compromised computer, allowing them to send arbitrary e-mails. When Troj/Mailbot-CG is installed, it creates a file in the Root directory. The file fwdrv.sys is registered as a new system driver service named 'fwdrv.sys', with a display name of 'fwdrv.sys'.
"VBS/TinyDwn-A, a downloader Trojan, is also cause for concern. Its main side effect is downloading code from the Internet, while W32/Cekar-D, another virus for the Windows platform, spreads by infecting files and also downloads executable code.
"Companies need to protect their desktops and servers with automatically updated protection not only against the latest surge of malware, but also against spyware, hackers and spam," Myroff cautions.
Share
Editorial contacts