Panda ORANGE Alert: Wave of Mitglieder Trojans

Discussion in 'malware problems & news' started by Randy_Bell, Nov 3, 2005.

Thread Status:
Not open for further replies.
  1. Randy_Bell

    Randy_Bell Registered Member

    May 24, 2002
    Santa Clara, CA
    - ORANGE ALERT: Over 30 countries already affected
    by the wave of Mitglieder Trojans -
    Virus Alerts, by Panda Software (​

    Madrid, November 3 2005 - The avalanche of Mitglieder Trojans continues: over thirty countries are now affected by the different variants of this threat. Four of the five variants (FK, FL, FM and FN) are among the 6 threats most frequently detected by Panda Software's online antivirus solution, Panda ActiveScan. What's more, PandaLabs has confirmed that the Bagle.FN worm has teamed up with the Mitglieder.FK Trojan, which it sends from the computers it infects in order to increase its rate of propagation.

    This worm spreads by sending itself as a file attached to an email to all the address it finds on the affected computer. Its main actions consist of leaving the computer unprotected and trying to download a file that has the characteristics to generate emails to which to send copies of Mitglieder.FK.

    Even though new variants of Mitglieder have been released, their function is very similar: Trojans that install themselves on computers and, in the case of the FK, FL and FN variants, try to download files from a remote website, which could open the door to other threats. The main actions of the FM variant are to disable the antivirus protection installed on the computer, block access to web pages, mainly those belonging to IT security companies, and prevent users from modifying the Registry, so that these actions cannot be undone.

    "Without a doubt, the main trick of these variants is their extremely high rate of propagation, via both manual spamming and through the collaboration of the Bagle worms, which is not a new characteristic of this family," explains Luis Corrons, director of PandaLabs. "One of the hardest hit by these waves of threats could be companies, whose mail could be saturated with emails carrying these Trojans. For this reason, we recommend activating all types of filters to block this threat, especially in corporate environments."

    TruPreventTM proactive detection technologies from Panda Software block these Trojans without the need for prior updates, so systems with these technologies installed have been protected from the moment that each of these malicious codes appeared. More information about TruPreventTM Technologies at

    For more information about these and other malicious code, visit Panda Software's Virus Encyclopedia
    Last edited: Nov 3, 2005
Thread Status:
Not open for further replies.