Gromozon mystery clearing

Cleaner tool aims to remove sophisticated attack.

The shadowy blended threat known as Gromozon has slowly been gaining notoriety in recent weeks, particularly after some in-depth analysis was made public. Now anti-malware company PrevX has released a free, dedicated remover tool to combat the problem.

VB100

The threat has spread from an Italian website over several months, and uses a variety of highly sophisticated methods of infection, including various social engineering techniques and exploit attempts, which vary depending on the browser used to access the site, as well as obfuscated code to hamper analysis. It installs diallers, downloaders and adware on infected machines, all heavily stealthed by the accompanying rootkit technology.

The PrevX removal tool can be downloaded here. Read a blog entry on the threat from Symantec's Eric Chien here, and check the latest version of Marco Giuliani's analysis (in PDF format) here.

5 September 2006

Tags:    del.icio.us  digg this! digg this

Poll

How should software and OS patching/security updates be managed?
Manually, at the user's discretion
Automatically via an optional, user-defined schedule
Automatically via a fixed, but optional schedule
Automatically via a fixed schedule, on by default with opt-out system
Automatically and silently, with no option to run unpatched

Leave a comment
View 19 comments
Jobs Recruit Sidebar

Malware Prevalence

Dropper-misc |################|
Waledac |###############|
Agent |###########|
NetSky |#######|
Invoice |######|
 View this month's full report
Virus Bulletin currently has 165,683 registered users.