Sunday, December 24, 2006

Christmas-themed malware

Christmas is here, and so is Christmas-themed malware. Users who unwrap these unsolicited gifts are bound to have a PC that can be kept wrapped forever.

There are three now making the rounds, according to the F-Secure weblog. One is the Christmas.exe malware. This is an IRC bot variant; once executed, it downloads malicious executables from web servers at waiguadown.008.net and user.free.77169.net.

This is what it looks like when opened, and what works in the background is not as pretty as what you see here:

The other two are a backdoor called Christmas_Puzzle.exe and a PowerPoint file called Christmas+Blessing-4.ppt.

Christmas_Puzzle.exe is a backdoor and also a rootkit. This makes it more dangerous, since rootkits are hard to detect with ordinary anti-virus tools. Once opened, it displays a Christmas-themed jigsaw puzzle on the screen to trick the user into believing that it is friendly software.

The PowerPoint-based malware, Christmas+Blessing-4.ppt, opens a slide show while in the background it drops and executes two embedded programs.
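A triage check a defender could run on a suspicious .ppt attachment, given that the file described above carries two embedded programs. This is an added example, not code from F-Secure or from this post; it assumes the executables are stored unencoded inside the document (the post does not say), and the sample bytes are constructed for illustration.

```python
import struct

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # header of legacy .ppt/.doc files


def find_embedded_pe(data: bytes) -> list:
    """Return offsets in `data` where a plausible Windows PE image begins."""
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        # The DOS header stores e_lfanew (offset of the PE header) at 0x3C.
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            pe = pos + e_lfanew
            # Heuristic bound on e_lfanew rejects stray "MZ" byte pairs.
            if 0 < e_lfanew <= 0x1000 and data[pe:pe + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits


def constructed_pe_stub(e_lfanew: int = 0x80) -> bytes:
    """Build a minimal header-only PE stub (constructed test data, not malware)."""
    dos = bytearray(e_lfanew)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    return bytes(dos) + b"PE\0\0" + b"\x4c\x01" + bytes(18)


# Constructed sample: OLE header, a decoy "MZ" in slide text, two embedded stubs.
CONSTRUCTED_DOC = (
    OLE_MAGIC + bytes(504)
    + b"slide text MZ not a program" + bytes(100)
    + constructed_pe_stub() + bytes(64)
    + constructed_pe_stub()
)

if __name__ == "__main__":
    is_ole = CONSTRUCTED_DOC.startswith(OLE_MAGIC)
    offsets = find_embedded_pe(CONSTRUCTED_DOC)
    print(f"OLE2 document: {is_ole}, embedded PE images at: {offsets}")
    if is_ole and offsets:
        print("Quarantine: a presentation should not contain executables.")
```

A clean result does not clear the file, because payloads that are compressed or encoded inside the document will not match this byte pattern.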

Screenshot of Christmas+Blessing-4.ppt from the F-Secure blog:


The two Word vulnerabilities are not yet patched, and neither is the Firefox 2 password manager security flaw. The news is also that Vista exploits are being sold in the underground market for $50,000 a pop. It seems the hackers are having a busy Christmas season, but with this Christmas-themed malware I am glad that they at least realised that it is Christmas time.
