Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/Tibs

Overview

Threat Risk MEDIUM MEDIUM
Destructivity MEDIUM MEDIUM
Payload Installs malware, shows annoying popups, allows unauthorized access
Detection files published 18 Oct 2005 03:00:00
Description created 24 Jan 2007 05:33:00
Description updated 24 Jan 2007 05:33:00
Malware type WORM
Alias Storm
Nuwar
Zhelatin
Lager
Luder
Mixor
Peacomm
Stormy (various components)
Spreading mechanism EMAIL
UNKNOWN
Summary None

W32/Tibs

Spreading

This malware is normally spammed out on email or found on trojanized webpages, but some variants are assisted by worm- and viruslike malware.
First components were found already in 2005, but many more have been found since.

Payload Details

Tibs is a powerful malware-distribution-tool. The material downloaded usually includes a large amount of ad- and spyware programs, as well as new downloaders again. It is not unusual to find hundreds of various malicious files where Tibs has left its mark. In addition to making the computer almost unusable because of popups and ads, it also sets the computer open to be used as a spamtool, and to be included in further distribution of malware.

Analysis

n/a

Removal

n/a


Last Updated: 12 Nov 2015 11:06:11