Daily Virus Report (Apr 10 to Apr 12, 2009) - Trojan.PSW.Win32.QQPass.eeq
-
RISING
Intraday malicious virus program: Trojan.PSW.Win32.QQPass.eeq
Behaviour:
This is a malicious account stealer Trojan virus program which specially designed for stealing QQ account and password information. After being executed, the virus shuts down varieties of anti-virus software and security tools; adds itself to startup option of registry; finally steals QQ account and password information of infected device. This account stealer Trojan threatens security safe seriously.
Statistics:
RISING Cloud Security reported:
From April 10 to April 12, 2009 there were 11,230,000 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 3,273,495 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 118,793 reports from end users.
Top5 Infected Website:
1, http://sph.bjmu.edu.cn/Html/downloads/index.htm
with malicious hyperlink: http://z.hg9*3.cn/d1/16/ytbf.htm, etc.
2, http://www.graduate.nuaa.edu.cn/nuaads/login.asp
with malicious hyperlink: http://z.hg9*3.cn/d1/16/ytvod.htm, etc.
3, http://ce.scu.edu.cn/bkjx/detail.asp?id=206
with malicious hyperlink: http://*.hg973.cn/d*/16/ytgg.htm, etc.
4, http://hangji.nchu.jx.cn/BigClass.asp?BigClassID=7&BigClassName=%B5%B3%BD%A8%B9%A4%D7%F7
with malicious hyperlink: www.*****.cn/d1/16/ytgg.htm, etc.
5, http://aes-online.ycu.jx.cn/Article_Show.asp?ArticleID=292
with malicious hyperlink: http://z.hg**.cn/d1/16/ytbf.htm, etc.
Attention: the above hyperlinks contain malicious codes, please DO NOT try to access to any hyperlink!
Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
