How festive – the dasher worm…



The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least it’s second iteration. Sans noticed an odd increase in port 1025 scans on the tenth of the month which was early activity of this worm. It looks like the first version of the worm didn’t work fully, but this second one does. It installs a keylogger.


The traditional view of a keylogger is a rather dumb logging device recording everything typed in on a given computer. Those are out there, but it’s speculated that this one (along with other viral keyloggers) specifically target financial sites and only log when a browser is visiting those sites. (which is a clever way to filter out the noise…)

If you’ve got all current windows updates and are running a firewall, this worm shouldn’t have a big impact for you. Make sure that you keep your antivirus updated though just the same.

It looks like this Christmas present comes from servers based in China…

Sans has an update here.

Related Posts

Blog Traffic Exchange Related Posts
  • Linux network worm... There is a linux network worm (virus) in the wild, which I've mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple......
  • Transgaming Cedaga 5 due to arrive Tuesday November 8 I've just made it back over to the Transgaming site to check in on the release date for cedage 5.0 (formerly transgaming winex). It looks as though Tuesday November 8th at 2am (eastern Time zone (utc - 5)) will be the day they're counting towards. I looked the other day......
  • More on Explorer vulnerability Among other things... Sans has lowered the infocon to green, NOT that the threat is diminished, but there have been no new developments with regards to the announcement yesterday of a major Internet Explorer security vulnerability. Sans recommends browsing the web with firefox (with the noscript extension, so you can......
Blog Traffic Exchange Related Websites
  • No Far More Boring Weblog Templates For Your WordPress Blog I am positive that if you are visiting this page, you will be interested in genesis theme framework. Probably the hardest aspect of WordPress to grasp for new customers is that there's no set "look" to the site it produces - the content and design and style are fully separated,......
  • Virus Writers Are Cowardly, Unimaginative Hacks Okay, listen up you pimply little cellar dwarfs. You think you're so smart living rent-free in your Mommy's basement writing your little computer viruses and worms? Well, creating a trojan is as close as you'll ever come to actually using something called a Trojan. And you're not so smart. You're......
  • 10 Basic Tips for Securing Your Computer Today, most people have personal information, including financial information and family photos on their personal computer. All it takes is one virus or worm to destroy all of your information, making it vital to protect your computer. Protecting your computer is the best way to ensure all of your personal......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site