Full Disclosure mailing list archives

Virus writers exchanging information


From: Raoul Nakhmanson-Kulish <raoul () elforsoft com>
Date: Thu, 17 Mar 2005 11:49:52 +0300

Hello all!

An interesting article from the Kaspersky Lab site.

<blockquote cite="http://www.kaspersky.com/news?id=160377972">

Virus analysts at Kaspersky Lab have been investigating the recent Bagle
outbreak, and come to the conclusion that the authors of Bagle, Zafi and
Netsky are working hand in hand with each other.

SpamTool.Win32.Small.b, a malicious program which harvests email
addresses from infected machines, was first detected by Kaspersky Lab
analysts on 15th February. Email addresses of antivirus companies are
excluded from the list it compiles. Further analysis of the situation
reveals that the mass mail of this program was a preliminary stage in
the attack carried out by Bagle on 1st March.

In researching the Bagle outbreak, virus analysts have concluded that
the authors of Bagle, Zafi and Netsky and others are working closely
together; they may not be personally known to each other, but they are
all using information provided by the author of Bagle to mass mail their
creations.

In the space of just 2 days, approximately 50 modifications of a range
of malicious programs were mass mailed. The timing of these mailings
clearly shows that they are automated or semi-automated.

These recent events confirm the trend towards the criminalisation of the
Internet. And likely as not, events will continue to evolve in such a
way: network attacks are now automated, take place in several stages,
and are carefully timed and planned. The authors of malicious code are
joining forces, exchanging information and techniques, in order to
increase the impact of attacks.

</blockquote>

--
Best regards,
Raoul Nakhmanson-Kulish
Elfor Soft Ltd.,
IT Department
http://www.elforsoft.ru/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

