|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: CyBot (cybot
sbox.tugraz.at)Date: Thu Jan 03 2002 - 12:46:00 CST
On Thu, 3 Jan 2002, ByteRage wrote:
> hmm it seems more thorough analysis has already been
> performed by AV researchers :
>
> http://www.symantec.com/avcenter/venc/data/w32.dlder.trojan.html
> http://www.europe.f-secure.com/v-descs/dlder.shtml
> http://vil.mcafee.com/dispVirus.asp?virus_k=99289&
> http://www.xtra.co.nz/help/0,,4128-544089,00.html#dlder
They contain nothing new, just the information from the various
vuln-dev mails.
> It appears to be installed by LimeWare Gnutella /
> Grokster
and BonziBuddy and Net2Phone
(http://www.clicktilluwin.com/clickpartners.htm)
under http://www.clicktilluwin.com/clickprivacyterms.htm, they admit to
monitor URL's the user visits while the trojan is running (to trigger
advertisements).
greetings,
CyBot
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d-(+) s:- a-- C+++ UL+++ P-- L+>++ E- W+(++)>+++ N++ o K++ w !O !M
!V PS++ PE+ Y+ PGP t+ 5 X R>+ tv+ b+(+++) DI++ UF++ D++ G++ e h! r++ y+
------END GEEK CODE BLOCK------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]