Fizzer Worm Wallops World (Back Dated)
Contributed by: Anonymous
Views: 785
According to Global Secure SystemsThe Fizzer worm, which first caught security experts' attention last Thursday, is hitting computer users across the globe early this week, spreading through email and popular file-swapping networks.
Tonight on "Tech Live," get the very latest news on Fizzer, and see how to get rid of this new menace.
Security firm MessageLabs says its scanners caught 18,000 email messages containing Fizzer on Monday alone. The virus spreads in many different forms;and its infection rate are climbing.
McAfee, Trend Micro, and Symantec each rate Fizzer a medium threat, while F-Secure says Fizzer merits its highest-severity rating. The virus affects computers running Windows 95, Windows 98, Windows Me, Windows NT, Windows 2000, and Windows XP. It doesn't affect Macs or Linux/Unix machines.
This Virus/worm uses clever code
The virus first appeared on May 8. According to the technical write-up on the F-Secure website, Fizzer is an incredibly dynamic piece of code. The write-up reads:
The worm can spread itself in emails and in [the] KaZaA P2P (peer-to-peer) file-sharing network. Fizzer worm has a built-in IRC backdoor, a DoS (denial of service) attack tool, a data-stealing trojan (uses external keylogger DLL), [and] an HTTP server.
The biggest threat from Fizzer, perhaps, is the key-logging program it installs on a victim's machine. Keyloggers record everything you type into your PC. They even record screen shots. The captured info is then sent back to the attacker. Infected machines could relay bank account numbers and passwords, screen names and passwords, and other sensitive personal data.
When sent via email, Fizzer uses some of the following subject lines:
I thought this was interesting...
rather psychedelic...
found this on the net, you might like it...
discothhque
imbrue
Damn it feels good to be gangsta.
The way I feel - Remy Shand
Paradigm Shift
WASSUP!
Know Thyself
Hell
I love you
Please discard if you don't like or agree with our present leadership...
little popup remover
cannot remember
Yo, WASSUP, B?
an interesting program...
You might not appreciate this...
I think you might find this amusing...
LOL check this out... hehehe
question...
see you tomorrow.
how are you?
you need to lose weight.
why?
kind of simple, but fun nonetheless.
check it out.
File swappers beware
Fizzer also lists itself in the KaZaA shared file folders of infected computers running the P2P file-sharing utility. Fizzer poses as a dummy media file, tempting an unsuspecting user to download and double-click it.
The file containing Fizzer's executable code is named by a random generator, but the file extension is always .exe, .pif, .com, or .scr.
Because Fizzer tries to disable antivirus programs, it's especially important that you update your AV definitions.
F-Secure offers a free disinfection tool you can download by clicking this link. Or you can see F-Secure's technical write-up of the virus. The write-up also links to the disinfection tool.