BitDefender discovers new variant of Palevo pest lures with fake pictures download Holzwickede, 04th may 2010 Palevo is back and the youngest member of the worm family acts more aggressive depending on the. Antivirus BitDefender (www.bitdefender.de) expert has found out that Cybercriminals have sent a wave of auto-generated instant messages on the journey in the past few days. The unsolicited message shows a grinning smiley face and a link that supposedly directs the user to a personal photo or a whole gallery. Instead of an image, the victim Worm.P2P.Palveo.DP receives a worm that opens a back door to foreign PCs to remote attackers. A download window, can be downloaded in a .jpg file appears after clicking on the link in the Instant Messenger. The user pressed the download, Palevo.DP on the machine injects. On an unprotected system, the worm is a real mess.
First, he created several hidden files in the Windows folder with the names mds.sys, mdt.sys, winbrd.jpg and infocard.exe. Then changed some registry keys Palevo.DP and overrides to the local firewall of the operating system. Like his brothers and sisters”Palevo.DP contains a backdoor component, which allows attackers from the outside to gain control of the attacked computer criminals can install more malicious software in this way, for start unnoticed new spam campaigns and to attack other systems with malware. The Palevo family is also able to steal passwords and other sensitive data are stored in Mozilla Firefox or Microsoft Internet Explorer. The use of E-banking or online shopping services is thus particularly risky. The spreading mechanism includes also the infection by shared network folders and removable media. Here, the worm via the Autorun feature in Windows is activated. Palevo worms spread also through peer-2-peer platforms such as Ares, BearShare, iMesh, Kazaa, DC ++, eMule and LimeWire, Shareza by them their code in there inject shared files.
We recommend that users of instant messaging services, to be extremely cautious and not blindly click on unknown links. Each user should review links in advance well and make sure that they do not refer to malicious websites”, Catalin Cosoi, BitDefender senior advises researcher. Palevo is very aggressive. Shortly after the outbreak we have infection rates by 500 percent and more per hour for countries such as Romania, the Mongolia and Indonesia registered.” Security software from BitDefender reliably detects all Palevo variants and block the worm. More information under:. About BitDefender BitDefender is software developer, one of the industry’s fastest and most efficient product lines internationally certified security software. Since the founding of the company in 2001, BitDefender has set new standards in the field of proactive protection against threats from the Internet. Every day, BitDefender protects tens of millions of private and business clients around the Globe and gives them the good feeling that your digital life is safe. BitDefender sells its security solutions in more than 100 countries through a global VAD and reseller network. More detailed information about BitDefender and BitDefender products are available in the press centre online. In addition, BitDefender provides background information and current news in the daily fight against threats from the Internet, in English at. Press contact: BitDefender GmbH Robert-Bosch-str. 2 D-59439 Holzwickede contact person: Hans-Peter Lange PR Manager Tel.: + 49 (0) 2301 9184-330 fax: + 49 (0) 2301 9184-499 email: PR Agency: Sprengel & Partner GmbH nesting first race 3 D-56472 Nisterau contact: Fabian Sprengel Tel.: + 49 (0) 2661 91260-0 E-Mail: