W32/Vora.worm!p2p tries to spread trough P2P networks

P2P Security News : W32/Vora.worm!p2p tries to spread trough P2P networks

Posted by Max on 2007/11/15 12:59:02 (1807 reads)

McAfee has added anti-virus detection against what seems to be a targeted P2P spreading virus. W32/Vora.worm!p2p symptoms include re-appearing of a small gui message box on the screen with caption of the messagebox is: Doomsday Has Come..., and message : YOU ARE iNFECTED BY RAVO_5002.

The worm tries to spread over peer to peer shared folders, the actual execution of the malicious binary is a manual step, there's no exploit associated with it.

It tries to spread using:

BearShare
eMule
Morpheus
Shareaza
Kazaa

It might also try to spread using irc networks, trying to spread using dcc send.

The fact that it carries no malicious payload gives away an attempt to see how efficient is the P2P medium in spreading a virus. I'm afraid that the more popular P2P networks get, the more malware will come trough this new attack vector.

Full McAfee writeup on W32/Vora.worm!p2p

Previous article - Next article

Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.