[Virus Alert] 3 new worms found
Worm name: PERL_SHELLBOT.AV
Risk rating: HIGH
Damage Potential: HIGH
Distribution Potential: HIGH
Description:
This Perl script usually arrives on a system as a downloaded file from a malicious Web site that an unsuspecting user visits.
It affects Web servers running the popular PHP Bulletin Board (PHPBB) application, which is a popular free and open source forum system written in the Personal Home Pages Hypertext Preprocessor or PHP programming language that is used to create dynamic Web pages.
It uses the Google search engine to look for servers with PHPBB Remote URLDecode Input Validation vulnerability using the search string viewtopic.php:. Once it finds a server, it attempts to upload and execute itself onto a vulnerable system. As a result, it opens the system to further attacks.
Worm name: TROJ_SASHDOWN.A
Risk rating: HIGH
Damage Potential: HIGH
Distribution Potential: HIGH
Description:
This Trojan exploits the Microsoft Excel File Embedded Shockwave Flash Object vulnerability.
It is an Excel workbook with an embedded malicious Flash file that contains JavaScript code. Once that file is opened, the Flash file is immediately executed. The Flash file is opened without direct user action.
An attacker can use an Excel workbook as a container for malicious Flash files that execute once a user opens workbook.
Worm name: BKDR_HUPIGON.KM
Risk rating: HIGH
Damage Potential: HIGH
Distribution Potential: HIGH
Description:
This memory-resident backdoor arrives on a system downloaded from the Internet by the malware detected by Trend Micro as TROJ_SMALL.ADP.
When executed, it drops a copy of itself in the Windows folder as SYSDLL.EXE.
This backdoor opens a random port and allows a remote malicious user to perform several commands on the affected system. This routine compromises system security and opens the affected machine to further attacks.
References: http://www.trendmicro.com/vinfo/ (TrendMirco Virus Security Info)
http://www.trendmicro.com/vinfo/zh-tw/default.asp (Traditional Chinese TrendMicro Virus Security Info
