W32/Vora.worm!p2p tries to spread trough P2P networksBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
GFI LANguard Network Security Scanner - Dld 30-day trial! del.icio.us  digg  Furl  NewsVine  Spurl  Blinklist  Ma.gnolia  Reddit  Tailrank  YahooMyWeb 
Best Tips
Database Software Attac...
Protect Against Web Atta...
How To Push The Anti-Spy...
F-Secure Internet Securi...
Application Security Hac...
6 Reasons to Clean Your ...
DNS Servers Attacks
Backup Software Attacks
What is a Firewall ?
TrustPort Workstation Re...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Bugtraq: reviving the botnets@ mailing list: a new statregy in fighting cyber crime
2008/8/28 15:43:04
Bugtraq: [USN-638-1] Yelp vulnerability
2008/8/28 14:00:23
Bugtraq: XSS and Data Manipulation attacks found in CMS PHPCart.
2008/8/28 14:00:23
Bugtraq: [security bulletin] HPSBUX02365 SSRT080118 rev.1 - HP-UX Running Apache, Remote Cross Site Scripting (XSS) or Denial of Service (DoS)
2008/8/28 14:00:23
Troj/Agent-HNI
2008/8/28 13:43:06
Downloads
 0.Fx MPEG Suite
 1.Daniusoft Video to MP4 Converter
 2.iProtectYou
 3.Deep Ball Defender
 4.Amazing Parrots Screensaver
 5.FlashCam Rebroadcasting server
 6.MysqlDataBackupTool
 7.Photo-Paint 9 script converter
 8.Fast PDF converter
 9.Apex iPod Video Converter Home Edition
RSS / Atom Feeds
P2P Security News : W32/Vora.worm!p2p tries to spread trough P2P networks
Posted by Max on 2007/11/15 12:59:02 (1022 reads)
P2P Security News

McAfee has added anti-virus detection against what seems to be a targeted P2P spreading virus. W32/Vora.worm!p2p symptoms include re-appearing of a small gui message box on the screen with caption of the messagebox is:  Doomsday Has Come..., and message : YOU ARE iNFECTED BY RAVO_5002.

The worm tries to spread over peer to peer shared folders, the actual execution of the malicious binary is a manual step, there's no exploit associated with it.

It tries to spread using:
  • BearShare
  • eMule
  • Morpheus
  • Shareaza
  • Kazaa
It might also try to spread using irc networks, trying to spread using dcc send.

The fact that it carries no malicious payload gives away an attempt to see how efficient is the P2P medium in spreading a virus. I'm afraid that the more popular P2P networks get, the more malware will come trough this new attack vector.

Full McAfee writeup on W32/Vora.worm!p2p



Other articles
2008/8/21 15:52:01 - BitRoll and Torrent101 Used to Distribute the Lop Adware
2008/8/20 15:06:33 - FRAUDFacts Helps You Fight Identity Theft and Fraud for Life
2008/8/13 16:42:03 - 10 Million Zombies Are Spreading Spam and Malware Every Day
2008/8/11 9:03:35 - Nearly $8.5 Billion Lost by US Consumers because of Online Threats
2008/8/8 6:35:36 - EDS' Eight Tips for Consumers to Protect Themselves from Identity Theft

The comments are owned by the poster. We aren't responsible for their content.



 

HOME | NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | SECURITY BOOKS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Nov '07 | Dec '07 | Jan '08 | Feb '08 | Mar '08 | Apr '08 | May '08 | Jun '08 
Best Security Downloads offers 4000+ free and free to try security downloads