Following a recent advisory from CERT that virus writers are concentrating on home users, Sophos has detected a new virus that displays those virus traits such as opening IRC channels to await further instructions from the attacker. W32/Cult-A is a worm and backdoor Trojan that arrives in an email pretending to be an eCard from BlueMountain.com with a pdf attachment. It spreads by emailing itself to random addresses and by sharing files over the KaZaA peer-to-peer network. If a recipient launches the attachment, the worm displays a false error message with the text “The instruction at 0x776456de referenced memory at 0x6235525g3. The memory could not be read Click on OK to terminate the application”. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.