A new worm that hit users this week is a perfect example of the future of malicious code, said Panda Software. And that future looks ominous.
A new worm that hit users this week is a perfect example of the future of malicious code, said Panda Software Friday. And that future looks ominous.
The worm, dubbed "Eyeveg.d" by Panda (but Bugbear.b by Sophos, Lanieca.b by Symantec) is a sophisticated hybrid that spreads like a worm but conducts Trojan-style actions against the compromised computer.
Eyeveg.d infects a PC using an .exe file, a typical tactic of worms, and spreads itself to other machines by hijacking e-mail addresses and mailing itself to others.
The second, Trojan horse, component kicks in next, as Eyeveg.d loads a .dll file as a plug-in to the Internet Explorer browser. The .dll, essentially a keylogger, captures keystrokes whenever the computer's user sends data to an SSL server, such as those used by banking and e-commerce sites.
"This is just another example of phishing, through which Eyeveg.d can gather data such as bank account numbers, passwords, or credit card numbers," said Panda.
The Trojan also includes a backdoor, through which the hacker can send new commands or install more malicious software on the system.
"This type of hybrid of two malware species is becoming more and more habitual, as malware creators look for increased capacities and versatility in their creations," concluded Panda.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.