A new worm that may be double the trouble was spotted in the wild Thursday by several anti-virus firms. Dubbed Plexus, by Moscow-based Kaspersky Labs, and Explet.a, by Symantec, the worm uses multiple methods to infect PCs, including exploiting a pair of vulnerabilities in Windows. “The worm’s payload threatens systems worldwide,” said Kaspersky Labs in an e-mailed statement. Although its payload can arrive in the more traditional manner as an executable file attachment to an e-mail message, Plexus/Explet can also infect systems without any human intervention by exploiting 2003’s RPC DCOM vulnerability–the one that MSBlast used last August–and this year’s LSASS vulnerability, the route that Sasser took in late April and early May. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.