New Worm Locks Documents with Password

Discussion in 'malware problems & news' started by SUPERIOR, Sep 7, 2010.

Thread Status:
Not open for further replies.
  1. SUPERIOR

    SUPERIOR Registered Member

    Joined:
    Dec 10, 2007
    Posts:
    161
    Location:
    Syria
    full story
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Hardly call this new, but ok.
     
  3. SUPERIOR

    SUPERIOR Registered Member

    Joined:
    Dec 10, 2007
    Posts:
    161
    Location:
    Syria
    actually, never heard about any malware does the same thing i mean lock any kind of files .... its just puzzling why worm would lock documents..then doesnt lead to some ransomewares? they say it's just for annoying...
    but as to their analyzing, i guess it's just skiddie worm...first it supports old version of windows not latest ones(like vista or seven)
    second its way of propagation seems like simple
    third, password long but only numbers ..which makes it more easily be bruteforced

    the only thing i find interesting is "locking documents" as it's new symptom for me

    but i was wondering, if file was set to "read only" does it have the ability to lock it? or thats impossible o_O?
     
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
  5. SUPERIOR

    SUPERIOR Registered Member

    Joined:
    Dec 10, 2007
    Posts:
    161
    Location:
    Syria
    ooh...thanks alot for the info and links...actually never heard them before
    so that worm has nothing new at all...then i am wondering why great company like panda would take this seriously:doubt:

    btw, do you know a good source to get samples of ransom trojans? or if you can pm me with links

    Thanks in advance
     
  6. wat0114

    wat0114 Guest

    From the article:

     
  7. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    One would hope that AV companies take all malware threats seriously ^^

    But if you want my opinion of it, AV companies sometimes like to race to be "first" to document a new threat. This generally increases sales/awareness of product as the articles are technically advertising the product company writing it.

    If you want to go further there are sometimes users that actively switch AV product because they are told AV product X detects new threat Y, but I don't think that's a very common thing.
     
  8. SUPERIOR

    SUPERIOR Registered Member

    Joined:
    Dec 10, 2007
    Posts:
    161
    Location:
    Syria
    very true, maybe they dont like but they have to ;)
    PS : i havent tried panda for long time, panda can fix this infection, i mean delete the password from infected files? anyone have an idea?
     
Loading...
Thread Status:
Not open for further replies.