Panda Security’s weekly report on viruses and intruders
January 2009 by Panda
This week, the PandaLabs report looks at the backdoor Trojan Emogen.B, the SystemSecurity adware and the Gafermus.A Trojan.
Emogen.B is a backdoor Trojan that connects to a server and lets attackers take control of the targeted computer remotely. They will then be able to monitor system activities and take actions such as downloading malware, stealing user information, controlling the Command Prompt window remotely and even starting a chat session with the infected user.
This backdoor Trojan cannot spread automatically, but uses the usual means of propagation: P2P networks, physical devices such as CDs or floppy disks, Internet downloads or FTP file transfers.
SystemSecurity is a fake antivirus-type adware that displays a false infection report to trick users. If the user clicks the button to disinfect the computer, it displays a page asking for a fee.
"This type of fraud has become quite popular lately. Malware like this shows the real financial motivation behind malicious code. Cyber-crooks will turn to anything to profit from infected users", explains Luis Corrons, Technical Director of PandaLabs.
Finally in this week’s report, we mention Gafermus.A, a Trojan that tries to connect to certain Web pages to download other malware. It then makes several copies of itself on the infected system under random names taken from Windows services. It cannot spread automatically by its own means; it requires user intervention.