The Zafi Worm, which has been around
for some time now, is found to be spreading in large
numbers via emails written in Hungarian Language,
over the last few weeks, said Security Analysts at
MicroWorld Technologies.
'Worm.Win32.Zafi.b' is a dual vector malware that
spreads through email attachments as well as local
and file-sharing networks. Written in Assembly language,
Zafi.b copies its file to the Windows system directory
upon execution and registers the file in the Run folder
of the system registry to enable it to run every time
the computer is started.
Zafi overwrites some executable files and may stop
some programs from working. It then harvests email
addresses from the victim's address book and starts
mass mailing.
"Zafi has been first identified two years ago
and since then it's been there On and Off in Virus
charts, touring the world with the help of mails written
in many a European languages," informed Arti
Taru, Assistant Manager-R&D, MicroWorld Technologies.
"This time around there's some significant traffic
of the Worm with a widely varied list of subject lines,
mail content and a random choice of attachments, mostly
in Hungarian and a few in French".
MicroWorld experts had found an earlier variant of
the Worm that spread using mails written in English.
The mail reads as given below, though the contents
of the current mails in other European languages are
no way related to this one in their meaning.
Dear Customer!
You`ve got 1 VoiceMessage from voicemessage.com website!
Sender:
You can listen your Virtual VoiceMessage at the following
link:
http://virt.voicemessage.com/index.listen.php2=35affv
or by clicking the attached link.
As for its network creeping routine, Zafi.b copies
itself to all folders that contain words 'share' or
'upload' in them.
eScan, the world's most advanced AntiVirus and Content
Security Software from MicroWorld Technologies, comprehensively
safeguards users against online threats like these
by continuously updating their protection against
Worms, Viruses, other malware and Vulnerability Exploits.
"When confronting a Worm that spreads using
multiple channels of proliferation, Enterprises need
to be all the more vigilant in protecting their entire
network of Information Systems. Because a Malware
that gets into the system via a rogue computer can
take the network route in its second phase of infection.
That's why we have designed eScan Enterprise with
Centralized Management and Integrated Security Policies,
which sense every vulnerable system in the network
and guard it accordingly," said Govind Rammurthy,
CEO, MicroWorld Technologies.
MicroWorld
MicroWorld Technologies (www.mwti.net)
is the developer of the world's most advanced AntiVirus
and Content Security software eScan
for Desktops and Servers. Its gateway-level email
security software, MailScan,
is a comprehensive mail scanner for SMTP/POP3 Mail
Servers. MicroWorld
Winsock Layer (MWL) is the revolutionary technology
underlying these products, powering them to several
certifications and awards by some of the most prestigious
testing bodies, notable among them being Virus Bulletin,
Checkmark, TUCOWS, Red Hat Ready and Novell Ready.
On the Network Security side, MicroWorld offers a
powerful, futuristic network firewall branded as eConceal.
To learn more, kindly visit http://www.mwti.net.
From
