Aliases: Generic_c.DVS, TR/Spy.17408.C

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Fast
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 27 Sep 2007
Damage: Medium

Characteristics: W32.Vapka.A is a backdoor worm that spreads via network shares. It also copies itself to removable media. It permits attackers to access files on the infected computer and steal confidential information. These attackers could also take full control of the infected computer.

More details about W32.Vapka.A

W32.Vapka.A is a worm that affects Windows 2000, Windows Server 2003, Windows NT, Windows Vista, Windows Me, Windows XP, Windows 95, and Windows 98. Once executed, the worm copies itself as a .clb or .exe file to removable media devices and creates .dat or .pfx files. It then modifies the Windows registry and drops .dll and .exe files, which send stolen information to the remote attacker. These files can also delete browser caches and password files, steal mail account details, and steal certificate information. The worm also attempts to disable security-related applications, such as antivirus and firewall software, on the infected computer.

W32.Vapka.A opens a backdoor on the user’s computer. The backdoor serves as a means for the remote user to communicate with the Trojan software on the affected computer, which listens on a certain port for commands from the remote user. Several tasks are then performed stealthily on the user’s computer. The backdoor allows the remote user to take control of the affected machine and send commands such as downloading and uploading unwanted content, starting or participating in DoS (Denial of Service) attacks, deleting important files from the affected computer, and changing system settings. These activities may lead to poor system performance: the computer may slow down noticeably, and some activities are said to lead to a system crash.