Overnight we’ve seen a rash of new variants of Downloader-BAI being seeded. Within a few hours, over 20 new variants have been released.
This trojan can choose from the following list of subjects:
- U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
- Naked teens attack home director
- A killer at 11, he’s free at 21 and kill again!
- British Muslims Genocide
- 230 dead as storm batters Europe
and the following attachment names:
- Read More.exe
- Full Clip.exe
- Full Story.exe
- Video.exe
The large number of variants underscores a topic that has been discussed much lately: the biggest trend in malware is a sort of buckshot approach. The idea is to create a very large number of different variants in a short span of time, hoping to gain at least a few extra hours in which to go undetected by at least some traditional AV scanners. This reminds us again of the need for a multi-layered defense. Even something as simple as filtering EXE files at the gateway would have made this seeding event a non-issue.
