Søg
Avatar billede steen_hansen Forsker
28. november 2001 - 08:39 Der er 3 kommentarer og
1 løsning

Badtrans 2

Er der nogen, der kender noget til denne her? Og i givet fald: I hvilken risikogruppe er den klasicificeret?
Avatar billede NanoQ Nybegynder
28. november 2001 - 08:49 #1
Yes... hehe... har lige fået den tilsendt ;)

Se forsiden af http://www.f-secure.com/

Her er hvad du skal bruge :)
Avatar billede NanoQ Nybegynder
28. november 2001 - 08:50 #2
F-Secure Corporation (HEX:FSC) is alerting computer users worldwide of an email worm called BadTrans.B. According to F-Secure, this worm is spreading fast through email messages and installs a spying Trojan component to steal information from infected systems.

The worm was spotted in Europe on Saturday, November 24. It is expected to keep on spreading significantly faster than the average worms, because on many systems it is capable of executing automatically when an infected email is read.

F-Secure Anti-Virus detects and stops the Badtrans virus. The detection of this variant was added early Sunday, November 25.

BadTrans spreads via e-mail by locating e-mail addresses from local html files and also by replying to e-mail messages found in the system. The messages have no content, and the subject field is typically just \"RE:\" or \"RE:\" followed by a subject of a message the worm replied. The attachment name varies, but it always has double extension such as .TXT.PIF. The worm exploits a security hole that allows it to be run automatically from infected messages on a recipient\'s computer. On systems with Internet Explorer 5.01 installed, the user never sees the attachment before it is automatically executed. Because of the US Thanksgiving holiday , many users have a higher than usual number of unread mails in their in-box, making the worm spread even more widely than would normally be the case.

Badtrans drops a spying Trojan into infected systems. This Trojan, which is detected as Trojan.PSW.Hooker, will monitor keyboard activity, log system passwords and send them out via email. Otherwise the worm won\'t try to delete files or generate massive amounts of network traffic.

\"The most important factor in this worm is the capability for executing attachment files automatically, much like the Nimda worm did,\" comments Mikko Hypponen, Manager of Anti-Virus Research at F-Secure. \"We can only hope that many people have installed suitable patches after the last big virus scares we\'ve had.\"

Technical details of the worm are posted at:
http://www.F-Secure.com/v-descs/badtrans.shtml

Avatar billede NanoQ Nybegynder
28. november 2001 - 08:51 #3
og på dansk: http://www.virus112.com/index.php?page=artikel&artid=321
Avatar billede steen_hansen Forsker
28. november 2001 - 08:54 #4
Tak for det :o)

Jeg må se på sagen
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 13:18 Lokal konto Af Bent i Windows
I går 16:16 Inverse formler Af tdktman i Excel
I går 15:33 disk plads på server Af dcedata1977 i Servere
I går 09:09 Flere brugere i 1 delt pivottabel Af mira96ac i Excel
25/0518:29 Beregning af flextid - formler Af Slettet bruger i Excel
White papers
Flere white papers »