May 27, 2005 (11:05 AM EDT)
Hybrid Worm Wave Of The Future
Read the Original Article at InformationWeek
A new worm that hit users this week is a perfect example of the future of malicious code, said Panda Software Friday. And that future looks ominous.
The worm, dubbed "Eyeveg.d" by Panda (but Bugbear.b by Sophos, Lanieca.b by Symantec) is a sophisticated hybrid that spreads like a worm but conducts Trojan-style actions against the compromised computer.
Eyeveg.d infects a PC using an .exe file, a typical tactic of worms, and spreads itself to other machines by hijacking e-mail addresses and mailing itself to others.
The second, Trojan horse, component kicks in next, as Eyeveg.d loads a .dll file as a plug-in to the Internet Explorer browser. The .dll, essentially a keylogger, captures keystrokes whenever the computer's user sends data to an SSL server, such as those used by banking and e-commerce sites.
"This is just another example of phishing, through which Eyeveg.d can gather data such as bank account numbers, passwords, or credit card numbers," said Panda.
The Trojan also includes a backdoor, through which the hacker can send new commands or install more malicious software on the system.
"This type of hybrid of two malware species is becoming more and more habitual, as malware creators look for increased capacities and versatility in their creations," concluded Panda.