Instant trojan to worm toolkit sighted
No skills required to create malware
Miscreants have created a point-and-click toolkit designed to make it easier to both create and distribute Trojans.
The Trojan2Worm (T2W) toolkit turns any executable file into a worm with auto-spreading capabilities. As such it provides the ability for Trojan infection agents to acquire worm-like spreading abilities.
The tool requires minimal skills to use, net security firm Panda Security reports. Features include the ability to compress infectious files or mutate their contents, tricks designed to make it easier to smuggle malware past anti-virus scanners. It's also possible to program malware so that it disables Task Manager, Windows Registry Editor or even selected browsers.
All this and more is possible at the click of a button. There's even an option to either enable or disable the infection of removable drives. No programming skills are required.
Panda reckons the software was developed in Spain, largely based on its support for the English, Spanish, Portuguese and Catalan languages. ®
this just in from McAfee
This is a Low-Profiled Threat Notice for HTool-T2W
HTool-T2W has been deemed Low-Profiled due to media attention at the following link: http://www.theregister.co.uk/2008/06/18/trojan_worm_toolkit/
Read About It
Information about HTool-T2W is located on VIL at: http://vil.nai.com/vil/content/v_146248.htm
HTool-T2W was first discovered on June 25, 2008 and detection will be added to the 5325 dat files (Release Date: June 25, 2008).
Though we consider this a low threat, An EXTRA.DAT file may be downloaded via the McAfee AVERT Extra.dat Request Page: <https://www.webimmune.net/extra/getextra.aspx>
If you suspect you have HTool-T2W, please submit a sample to <http://www.webimmune.net>
Risk Assessment Definition
For further information on the Risk Assessment and Avert Labs Recommended Actions please see: <http://www.mcafee.com/us/threat_center/outbreaks/virus_library/risk_assessment.html>
For breaking security information from McAfee® Avert® Labs visit:
McAfee Avert Labs Blog
AudioParasitics - The Official PodCast of McAfee Avert Labs http://podcasts.mcafee.com/audioparasitics
Sign up for McAfee® Avert® Labs Security Advisories http://www.mcafee.com/us/threat_center/securityadvisory/signup.aspx
Capital Assault or Banking Rules Change? Dealers Choice.
"Of course everything is possible at the click of a button, if some poor sap has written all the code underneath :)" .... By Anonymous Coward Posted Thursday 19th June 2008 05:39 GMT
Those poor saps will never ever be poor again, AC....... and they will Know All About the Value of Wealth and what you do with IT.
The sad thing is (one of many sad things)
...that it probably is more stable than MS's commercial software, more compatible, and more user friendly. I wonder if it has a listing in add/remove programs to be uninstalled? (probably it's stand-alone and doesn't need such crap) And another sad thing is that these are obviously talented (although criminal) guys, that will probably never hold a high-paying, "respectable" job, with opportunity for growth, like MS would provide if these guys could get their feet in the door. Instead, they'll cause much human misery out of bitterness, indifference, and the sheer lack of opportunity that life (and their own choices) has provided them. They'll probably erratically make a few thousand or tens of thousands of dollars off their malware kit before being shaken down and incarcerated, mostly because of their own idiot bravado, while less talented (but more emotionally mature and experienced) developers coast on making their way in the world. <sigh> All of life disgusts me today...