Author Topic: yahoo group problem #4  (Read 3539 times)

July 19, 2009, 11:09:54 pm

tom_

http://elansoftsol.com/images/install.exe?0,1919225

This is turning into a bigger problem than just for the people in the yahoo group.  The member's email address has been barred as a prophylactic measure but now the bad guy is sending these naked URLs to what I believe are the entire contents of his yahoo address book.  Many of those addresses are much, much more than social contacts.

If you can advise what this malware is, we'd appreciate it.  This is going to be a very nasty clean-up job.

Thanks.

July 20, 2009, 12:10:56 am
Reply #1

CM_MWR

This is a dropper which drops a downloader which downloads one fine p00 festival on the victim's PC. I would hope where it has landed so far has some sort of protection, 'cause it sure needs something.

2 Banker Trojans, 1 real nasty version of the TDSS rootkit, some lovely daily_bucks fake antivirus garbage and a browser helper object...

Of course this is only what I could see; as soon as the rootkit hit disc, disc went boom  ;D