Email worm variants using blank subjects spread throughout Asia


The family of WORM_RONTKBR.GEN (including WORM_RONTOKBRO and WORM_BRONTOK) has been ranked High Risk by Trend Micro as the scale of infection expands in Asia. The worm family is mainly spread through emails that contain blank subject lines, using a fake Windows icon folder to trick users into activating the malware. Once clicked, the My
Documents folder is also opened in order to hide the malware's execution.

Trend Micro Senior Antivirus Researcher Jamz Yaneza explained, "The BRONTOK/RONTOKBR malware family is particularly hard to deal with. They immediately restart the computer system once any change to the registry are detected, preventing the normal operation of manual deletion commands, antivirus software and even personal firewalls. In addition, these worms also alter HOSTS files, preventing users from getting help from antivirus websites by redirecting them to other Web pages." Computerworld Singapore - Email worm variants using blank subjects spread throughout Asia

Linked by shanmuga Friday, 26th May 2006 1:50AM