«
»

How festive – the dasher worm…



The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least it’s second iteration. Sans noticed an odd increase in port 1025 scans on the tenth of the month which was early activity of this worm. It looks like the first version of the worm didn’t work fully, but this second one does. It installs a keylogger.


The traditional view of a keylogger is a rather dumb logging device recording everything typed in on a given computer. Those are out there, but it’s speculated that this one (along with other viral keyloggers) specifically target financial sites and only log when a browser is visiting those sites. (which is a clever way to filter out the noise…)

If you’ve got all current windows updates and are running a firewall, this worm shouldn’t have a big impact for you. Make sure that you keep your antivirus updated though just the same.

It looks like this Christmas present comes from servers based in China…

Sans has an update here.

Popularity: 1% [?]

Create PDF    Send article as PDF   
Blog Traffic Exchange Related Posts
  • Clampi Virus | Clampi Trojan The clampi virus is in the news in a couple places today. Surprisingly it's in Symantec's virus database since January and rated as a low risk. However, the sole purpose of this trojan is to monitor your Windows based computer for connections to more than 4500 different financial related sites......
  • More on the Windows WMF zero-day exploit There seems to be quite a bit developing on the Windows Meta File (WMF) zero-day (0-day) exploit which was first reported yesterday. Sans has raised their alert level to yellow in an effort to get attention to this problem. It looks like the original site serving the exploit is down,......
  • Microsoft's quick response to network worms.... This is an ironic title because frankly, Microsoft has seemed to be slow in solutions for the recent zotob worm. Of course, they announced the vulnerability and accompanying update to solve the issue to begin with, but after the virus started propagating what do we see from Microsoft? They have......
Blog Traffic Exchange Related Websites
  • What is adsense for RSS feeds - Simplified Explanation! Useful Things to Take Into Consideration First things first. What is rss feeds?RSS (Rich Site Summary) is a format for delivering updated web content. Many news-related sites, weblogs and other online publishers syndicate their content as an RSS Feed to whoever wants it.Mostly in XML-based systems, it allows viewers who subscribe to the service to view......
  • Fishing Report: December 17, 2010 Lakes and Saltwater Berkeley: People are hitting crab limits nearly every time they go out. Some are going to be pulling in a decent amount of shrimp as well. Strong area for both. Berryessa: You are going to need to stay high if you want to pick up the trout......
  • Virus Writers Are Cowardly, Unimaginative Hacks Okay, listen up you pimply little cellar dwarfs. You think you're so smart living rent-free in your Mommy's basement writing your little computer viruses and worms? Well, creating a trojan is as close as you'll ever come to actually using something called a Trojan. And you're not so smart. You're......

Similar Posts


This entry was posted on Thursday, December 15th, 2005 at 12:43 pm and is filed under Computers, Security, Viruses. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.

Switch to our mobile site