PandaLabs has issued warnings about the rapid propagation of two new members of the Spamta family: the Spamta.VK worm and the Spamtaload.DT trojan.
Both spread together and have accounted for up to 80% of malware detections reported to PandaLabs per hour. The Spamta family has been extremely active over the last few months.
When Spamta.VK infects a computer, it connects to several servers to send out massive amounts of emails. These emails include a copy of Spamtaload.DT, generally hidden in an executable file. Spamtaload.DT, in turn, downloads a copy of Spamta.VK to each computer it infects, starting the infection cycle all over again.
“This is a clear example of a combined attack. The worm’s propagation features are used to distribute the trojan, which, in turn, ensures proliferation by infecting each computer with a new copy of the worm. This technique explains the large number of infections reported to PandaLabsâ€, says Luis Corrons, Technical Director of PandaLabs.
The proactive TruPrevent Technologies have detected these malicious codes with no need for prior identification or updates. Users that have them installed have therefore been protected at all times.
Spamtaload.DT trojan has an icon similar to that of text files. When run, it shows an error message and creates a key in the Registry Windows to ensure it is run every time the system is started up.
The Spamta.VK worm downloads several malicious files once it is run and connects to several servers to send itself out by email.
“The attacks of Spamta codes usually involve the appearance of several variants in a short period of time. This aims at having security companies and users concentrate on one or a few variants, whereas the rest go completely unnoticed and continue to infect. Users should be on their guard against the possibility of new malicious codes appearing. It is also advisable to have proactive technologies, like TruPrevent, which detect known and unknown malicious codesâ€, says Luis Corrons, technical director of PandaLabs.
All users that want to know whether their computers have been attacked by these or other malicious code can use TotalScan, the free, online solution.
They can also use the NanoScan beta , an online scanner that detects active malware on computers in less than one minute.
