Be careful of worshiping Pandas showing up on your system!! Machines have been getting infected by a piece of malware called W32/Fujacks. The virus files have an icon of a panda holding incense sticks. We have seen several variants of Fujacks since Nov 2006.

Early variants of Fujacks were a worm that spread through network shares with weak passwords and infected executables. Several of the variants can infect web based files like .html, .asp, .php, etc. The infected html files are detected as W32/Fujacks!htm. The html files are infected by appending an iframe tag. When these html file are opened through a browser, they will download another variant of this virus. Recently, we have also seen variants that infect both executables and the html files.

More information around this threat can be found at W32/Fujacks, W32/Fujacks.worm and W32/Fujacks!htm. We at McAfee Avert Labs continue to protect our customers against this threat and remind Internet users to be updated with the latest security patches for their web browsers.

The advice given by Jiangmin and quoted by China Daily was flawed because W32/Fujacks.worm infects trusted HTML files and customers can browse any trusted web page locally or remotely with these infected links. The key to the problem is that these malicious links point to sites exploiting the MDAC vulnerability patched in MS06-014.