OscarBot.UG is a virus that also has the characteristics of a worm.
OscarBot.UG gets into a computer via e-mail, the Internet, floppy disks, etc, and it spreads by inserting its code in other files and programs. Its effects can range from simply annoying to destructive.
Furthermore, due to its worm characteristics, OscarBot.UG also spreads by sending out copies of itself. Its main objective is to collapse computers and networks, preventing users from working with the affected computer.
It captures certain information entered or saved by the user, with the corresponding threat to privacy:
passwords saved by certain Windows services; keystrokes, in order to obtain information for accessing online banking services, passwords and other confidential information. It sends the gathered information to a remote user by any available means: email, FTP, etc. It affects productivity, preventing tasks from being carried out: - In the affected computer:
it converts the computer into a platform for taking malicious action surreptitiously: spam sending, launch of Denial of Service attacks, malware distribution, etc.
- In the local network:
it generates a large amount of network activity and consumes bandwidth.
It reduces the security level of the computer:
it changes the security settings of Internet Explorer, decreasing its security level; it awaits remote-control orders received through
IRC. It uses stealth techniques to avoid being detected by the user: - It deletes the original file from which it was run once it is installed on the computer.
OscarBot.UG does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc. |