Yes, I know we should talk about how to protect computers, not about how to infect them, but… aren’t you curious? We found a server managed by a hacker that controls more than 40.000 computers. Only yesterday, he created a new trojan and sent a command to all zombies: download & run.
This is not the typical IRC botnet, but a http-based botnet, so the hacker won’t find any problem if there is a firewall in the computer. It was just a downloader trojan that installed some malware in the infected computers:
– A spammer trojan (hey, this guy has + 40.000 PCs ready to send out spam and flood all of us!)
– An adware (Adware/Bravesentry) that change your desktop to black and with big white letters saying that you are infected, and all the typical stuff. This adware intalls in the computer a rogue antispyware (Application/Bravesentry), a tool that is reporting all the time that you are infected until you purchase it. Once you buy it, it leaves you alone.
This was the first time we looked at it, some time latter it was downloading new stuff:
– W32/Nurech.B.worm (more info here).
– Rootkit/Nurech.A (to hide W32/Nurech.B.worm).
– Rootkit/Alanchum.GC (to hide the Trojan Trj/Abwiz.A).
– Trj/Abwiz.A (to steal passwords, e-mail addresses, etc.).
– Application/WinAntivirus2007 (just another rogue antispyware).
So you can see, many malware in many computers at the same time trying to take money and information from the users. And in just one second. Scary, isn’t it?
If you want to feel safe, just try a quick scan using our beta NanoScan (memory scan in a few seconds).