Bogus IQ test with destructive payload in the wild

6Feb2010 Filed under: Malware Author: admin

Researchers from ESET and BitDefender have intercepted two destructive malware variants (Win32/Zimuse.A, Win32/Zimuse.B/zipsetup.exe), posing as an IQ test, and currently spreading in the wild.

Upon execution, the malware will attempt to spread through removable media using a time-based logic bomb, and overwrite the MBR (Master Boot Record) of all available drives after 40 days for variant A, and 20 days for variant B, making the host’s data inaccessible.

Moreover, once executed, the malware will also issue the following, typical for scareware/fake security software error message, in what appears to be an attempt by the malware authors to make the infected users contact the hosting provider of a particular site stating that it infected them with malware

BitDefender points out that due to the digitally signed drivers in 64-bit versions of Windows Vista and Windows 7, the worm would fail to install. A video demonstrating the infection has been released, as well as a Zimuse removal tool, available for free download.

Tags: Malware

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Entries (RSS)
Comments (RSS)

About this blog

GeeksJunction can help everyday home users and beginners improve the security of their home computers. Learn what to do if you have a virus, get tips for reducing spam and avoiding phishing e-mail scams, find out how to remove spyware, and get information about keeping kids safer online.

Recent Comments
Recent Articles

Virus And Spyware Removal