Zafi Worm Spreading like wildfire

Over 1 in 10 emails on the internet at present are infected with the Zafi.d worm.

It is using the old trick of posing as a XMAS message.

W32/Zafi-D is a peer to peer worm, it copies itself to the Windows system folder with the filename Norton Update.exe, creates a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. Some of these are exact or zipped copies of the worm, detected as W32/Zafi-D, while others are log files created by the worm.

It then harvests email addresses from the Windows Address Book and from files found on the hard drive, copies itself to folders with names containing share, upload, or music as ICQ 2005a new!.exe or winamp 5.7 new!.exe.

Removal tools
GUI version
Command Line Version

Volume of Spam and Viruses still rapidly increasing

This year’s rampage of phishing scams is “just the tip of the iceberg,” according to a message security firm’s analysis of 2004 and its predictions for 2005, both released this week.

MessageLabs tracked a mere 279 phishing emails in September 2003, but a year later, monitored more than two million in the same month. During November 2004, MessageLabs tallied a whopping 4.52 million phishing-related messages.

Among the evidence that phishers are stepping up their tactics and applying even more effective technologies, she said, are 2004 scams that didn’t require user intervention.

Users who only opened a malicious email had their systems modified so that the next time they surfed to their bank’s online site, the browser was redirected to a fake address where their login information was captured and invisibly sent to the attacker. The hacker could then empty the account at will.

According to MessageLabs’ statistics, the number of phishing attacks really didn’t take off until July 2004, when the number of scam-style messages nearly jumped ten-fold from the previous month.

Next year will also see a leap in the number of scams targeted at specific organisations and companies, Staley said. “Blackmail and extortion will be even more popular next year,” she predicted.

Virus-laden messages also increased in 2004, MessageLabs reported, to the point where the year’s average was one infected message in every 16, a doubling of 2003’s ratio of 1 in 33. In 2002, only¬†one in every 212 messages contained malicious code.

Spam, on the other hand, looks like it may have peaked as a percentage of all messages. But not for the right reasons. “Frankly, there’s not much farther spam could go,” said Staley, who noted that in July, 94.5 percent of all mail that MessageLabs processed was tagged as spam. Spam accounted for “only” 73.8 percent of all mail in November, but that was still higher than the 63 percent of the year’s beginning.

“Spam will stay at around 60 to 80 percent of mail in 2005,” Staley predicted.

Yahoo Desktop Search

Yahoo plans to release in January the beta version of a desktop search application.

It’s just like TV. Someone comes up with a idea and suddenly everyone is making one.

Yahoo, is expected to focus its search tool on the desktop and on a subscriber’s personal information stored on the Yahoo portal, such as email, photos and calendar. The search tool is also expected to be able to return search results from Yahoo’s news, entertainment and music offerings, as well as the general web.