W32.Cuebot-K worm appears as Microsoft antipiracy program
The fake Windows Genuine Advantage Tool (wgavn.exe) has been named as W32.Cuebot-K worm by Sophos. Cuebot-K propagates by sending itself as a file named “wgavn.exe” to more people in the user’s “Buddy List” but without a message, Cluley said. More in http://www.infoworld.com/article/06/06/30/HNwormmsantipiracy_1.html I just viewed Sophos’ Threat analyses page – by name (letter C) but they don’t have the article for Cuebot-K yet (maybe later). At the time of this writing, they got articles for Cuebot-A to Cuebot-J only (at least, it has been detected now and let’s hope that all other security vendors that has malware detections for worms … Continue reading W32.Cuebot-K worm appears as Microsoft antipiracy program