Malware Spam Joy

Note: This entry has been restored from old archives.

Malware seems to be getting more straightforward these days, from a short while ago:

We are looking for Consumer opinions of our new software Digital Kittens

This beta testing will enable us to fine tune the software for public
release. For helping out, you will receive a free edition and 5 years of
updates.

1: Download the software
2: Try it
3: Tell us what you think

If you want to participate, just follow the link to our download site:
http://7w.2xx.2y.1zz/setup.exe

Who wouldn’t want free digital kittens?! You can play with beta kittens, help some company out, and get years of free digital kittens as a reward. How do you fight that wetware exploitation? “Don’t accept kittens from strangers.”? I have trouble getting over the point of view that “it’s damn obvious that you don’t execute unsolicited .exe files”, but the fact is this still seems to only be obvious to a minority of computer users. Got to have that AV installed! It’ll give you some protection, though probably won’t be much use if you’re in the first wave of recipients of a properly engineered piece of malware that’s been tested against the AV engines.

VirusTotal.com tells me (with engines that failed to do the job edited out):

AhnLab-V3           Win32/Zhelatin.worm.140367
AntiVir             WORM/Zhelatin.Gen
Authentium          Possibly a new variant of W32/Fathom.3-based!Maximus
Avast               Win32:Tibs-BFG
AVG                 Downloader.Tibs.7.X
BitDefender         Trojan.Peed.IGS
CAT-QuickHeal       (Suspicious) - DNAScan
ClamAV              Trojan.Small-3637
DrWeb               Trojan.Packed.142
eSafe               Win32.Zhelatin.hq
eTrust-Vet          Win32/Sintun.AE
Ewido               Worm.Zhelatin.hq
Fortinet            W32/Tibs.GN@mm
F-Prot              W32/Fathom.3-based!Maximus
F-Secure            Email-Worm.Win32.Zhelatin.hs
Ikarus              Email-Worm.Win32.Zhelatin.hq
Kaspersky           Email-Worm.Win32.Zhelatin.hs
McAfee              Tibs-Packed
Microsoft           Trojan:Win32/Tibs.DV
NOD32v2             Win32/Nuwar.Gen
Norman              W32/Tibs.ASFB
Panda               W32/Nurech.AU.worm
Sophos              Mal/Dorf-E
Sunbelt             VIPRE.Suspicious
Symantec            Trojan.Packed.13
TheHacker           W32/Zhelatin.genw
VirusBuster         Trojan.Tibs.Gen!Pac.132
Webwasher-Gateway   Worm.Zhelatin.Gen

This kitten is diseased. Time to back over its poor little head with a car.