Hackers roll out Valentine's Day rootkit

By on
Hackers roll out Valentine's Day rootkit

Nurech.B spreads through e-card spoofs.

Security experts have detected a new mutant of the Nurech worm which, like its predecessor Nurech.A, arrives disguised as a Valentine's Day message.

Nurech.B arrives in emails with subject lines such as 'Happy Valentine's Day', 'Valentines Day Dance' and 'The Valentines Angel'.

The email 'sender' is always a woman's name such as Sandra, Willa, Wendy or Vicky, PandaLabs reported.

An attachment simulates an e-greeting card using file names like 'Greeting Postcard.exe', 'Greeting card.exe', or 'Postcard.exe'.

When users click on the attachment it creates a copy of the worm on the hard drive, and then conceals its presence using rootkit-like functions.

The worm also disables certain antivirus, anti-spyware, and security applications installed on the system.

Luis Corrons, technical director at PandaLabs, said: "The objective is to trick users into opening the attachment using enticing subject lines related to the romantic holiday.

"This type of trick is usually quite successful, so we strongly advise users never to open any attachment that they have not requested, regardless of what it seems to contain."

Nurech.A launched last week using similar methods and continues to spread, maintaining an 'orange' alert level, according to Panda Labs.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk

Most Read Articles

Log In

  |  Forgot your password?