Wednesday, February 28, 2007 9:21 AM cmosby

McAfee Avert Labs Blog - Malware writer got infected!

 Now THIS is funny!

Malware writer got infected!

Monday February 26, 2007 at 1:22 pm CST
Posted by Pedro Bueno

Trackback

It is funny to pick on malware writers…I like it… :) This time I would like to recommend that they use anti-virus as well, otherwise they can also be infected ! :)

There is no honor among malware writers and we know that. Today I was looking at a file downloaded by what was looking like a common PWS-Banker.dldr (a downloader for Password Stealer Bankers). While doing some analysis on the file, another virus detection came out: W32/Gael.worm.a. This one is a parasitc virus. This made it a bit more suspicious because it is not common to see a PWS-Banker downloader downloading a parasitics virus (really different skills). So, I attempted to clean it to try to make things a bit more clear. I cleaned the file and BINGO! :) another file came out, detected as PWS-Banker.gen.q ! :) Which means that the malware created/bought by the malware writer was infected or he/she got infected before posting the file on the site to be downloaded… :) . Yeah, my job is tooo funny! :)

Source: Computer Security Research - McAfee Avert Labs Blog

Filed under: ,

Comments

No Comments