How festive – the dasher worm…



The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least it’s second iteration. Sans noticed an odd increase in port 1025 scans on the tenth of the month which was early activity of this worm. It looks like the first version of the worm didn’t work fully, but this second one does. It installs a keylogger.


The traditional view of a keylogger is a rather dumb logging device recording everything typed in on a given computer. Those are out there, but it’s speculated that this one (along with other viral keyloggers) specifically target financial sites and only log when a browser is visiting those sites. (which is a clever way to filter out the noise…)

If you’ve got all current windows updates and are running a firewall, this worm shouldn’t have a big impact for you. Make sure that you keep your antivirus updated though just the same.

It looks like this Christmas present comes from servers based in China…

Sans has an update here.

Related Posts

Blog Traffic Exchange Related Posts
  • More on the Windows WMF zero-day exploit There seems to be quite a bit developing on the Windows Meta File (WMF) zero-day (0-day) exploit which was first reported yesterday. Sans has raised their alert level to yellow in an effort to get attention to this problem. It looks like the original site serving the exploit is down,......
  • Clampi Virus | Clampi Trojan The clampi virus is in the news in a couple places today. Surprisingly it's in Symantec's virus database since January and rated as a low risk. However, the sole purpose of this trojan is to monitor your Windows based computer for connections to more than 4500 different financial related sites......
  • Sober virus watch... Well, antivirus vendors and IT security folks are waiting now for the expected activation of the sober.y worm searching for a new downloads and a new revision of the pest. kaspersky's log indicates the expected activation time is 00:00 GMT January 6th, which means here in the EST zone that......
Blog Traffic Exchange Related Websites
  • Mastering Your Productivity By Examining Your Tasks To become more productive in your business, you must first take note of how you are currently spending the majority of your time.What matters is how productive you are. It doesn’t matter how much time you spend working on your business, if you’re not doing the things that really matter,......
  • Lazy Man Sites Hacked and the Lessons We Can All Learn From It If you've been wondering why things were a little quiet around here lately, it's because yesterday some of my sites were hacked. Fortunately, I've put Lazy Man and Money on a separate server that went unharmed. I also have backups of everything made each day to Amazon's S3 service. So......
  • Web Site Design What Fonts To Utilize Since lawyer website design, its difficult never to get bored using the same old fonts day time in and day out with every new? or not consequently new? lawyer website design. Of course, lawyer website design is an innovative job, but how can we let the creativity flow whenever were......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site