- This malicious code spreads rapidly through IRC and e-mail
MADRID, May 12 2003
Panda Software’s tech support services and virus laboratory have been receiving reports of incidents caused by Fizzer (W32/Fizzer). This worm has also jumped from 40th to 11th in the ranking of viruses most frequently detected by Panda ActiveScan, the company’s free online virus scanner.
Fizzer, which appeared on May 8, spreads mainly via IRC and e-mail. After infecting a computer, it uses its own SMTP engine to send itself out to all contacts in the Windows address book.
Fizzer can produce the following effects in a computer:
- It captures the keystrokes entered in the affected computer and saves them in a text file called ISERVC.KLG, which it creates in the Windows directory. If hackers obtained this file, they would be able to access the confidential information belonging to the user of the affected computer, such as passwords for accessing Internet services, bank accounts, etc.
- It ends process active in memory. By doing this, some programs will stop working. These processes belong, mainly, to antivirus programs.
- It creates several entries in the Windows registry to ensure it is run whenever the system is started or when the user opens a text file.
Panda Software has released the corresponding update to its antivirus solutions to detect and eliminate Fizzer. Users of the company’s products whose software is not configured to update automatically, should update their solutions from www.pandasoftware.com. Users can also detect and disinfect this and other malicious code using the free, online antivirus, Panda ActiveScan, which is available at the same address
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.