Posted in GD as a public service. If this post is deemed to be inappropriate for this forum, Mods please move or lock.
The poster is not an employee of, or in any way associated with Panda Software.
------
Panda Software warns about the Trojan Hatoy
Virus Alerts, by Panda Software (http://www.pandasoftware.com)
Madrid, October 2, 2003 - The free online antivirus solution, Panda ActiveScan, has detected a significant increase in the number of computers affected by the Trojan Hatoy (Trj/Hatoy.A), first detected by PandaLabs a few days ago. This malicious code is designed to change the TCP/IP settings of computers so that they point to a different DNS server than the one they had configured. Basically, DNS servers ensure that when a user enters an address in the Internet browser, the corresponding website is displayed.
For this reason, the main effect of Hatoy is that when users try to connect to any web page, it re-routes them to a different page selected by the virus author.
Hatoy cannot spread by itself and therefore, the only way a user can become infected is by visiting web pages that have been especially constructed to exploit the Object Type vulnerability that affects the browser Microsoft Internet Explorer. This security flaw allows files contained in web pages that exploit this vulnerability to be automatically run. More information about this vulnerability and the patch that fixes it are available at:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-032.asp
As a result, if users visit a web page that has been especially designed to automatically download and run Hatoy, their computers will be immediately infected. Once it has been installed on a computer, this Trojan modifies the Windows registry and creates several files.
Due to the means of transmission used by this malicious code, it is suspected that the address of a website designed to distribute Hatoy has been sent as spam. This would explain why the number of incidents caused by this Trojan has significantly increased several days after it appeared.
According to data collected by the free online antivirus, Panda ActiveScan, the number of computers infected by this Trojan is rising. Therefore, in order to avoid being infected by Hatoy, Panda Software advises users to treat all e-mails received with caution and to update their antivirus solutions immediately. The company has already made the updates to its products available to users to ensure their solutions can detect and eliminate Hatoy. Those whose software is not configured to update automatically should update their solutions from
http://www.pandasoftware.com
Users can also scan their computers using the free, online antivirus, Panda ActiveScan, which is available on the company's website at
http://www.pandasoftware.com
For more information about Hatoy and other malicious code, visit Panda Software's Virus Encyclopedia at the following address:
http://www.pandasoftware.com/virus_info/encyclopedia/
Additional information
- Trojan: Strictly speaking, a Trojan is not a virus, although it is often thought of as such. Really, they are programs that enter computers (in a number of ways) and carry out actions that enable them to take control of the affected computer.
- Vulnerability: Flaws or security holes in a program or IT system, and often used by viruses as a means of infection.
More definitions of virus and antivirus terminology at:
http://www.pandasoftware.com/virus_info/glossary/default.aspx
NOTE: The addresses above may not show up on your screen as single lines. This would prevent you from using the links to access the web pages. If this happens, just use the "cut" and "paste" options to join the pieces of the URL.