Fortinet Protects Against W32/Bobax.Z-dldr

SUNNYVALE, Calif., June 3, 2005 - Fortinet - the pioneer and market leader of Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection - today announced that its FortiGate™ systems, which are ASIC-accelerated security appliances, protect against W32/Bobax.Z-dldr, also known as Download.BBX, or Downloader-ABL.

First sighted in the wild on June 2, 2005, W32/Bobax.Z-dldr is a downloader Trojan that arrives via email. The email carries a .ZIP file attachment containing a small file, probably named PICS.SCR or similar. If the file within the .ZIP is run, it attempts to connect to the Internet, download a copy of W32/Bobax.Z-net and run it. This variant of Bobax then later sends out emails in the same format in which this downloader Trojan arrived. The downloader appears to have been distributed in a mass spam email campaign and has no spreading capabilities of its own.

Visible symptoms of W32/Bobax.Z-dldr include:

  • Possible firewall alert that the file "pics.scr" is attempting to access the Internet
  • Threat may have been received as an attachment to email

FortiGuard Distribution Network Information
All FortiGate systems in production worldwide are kept up to date automatically by Fortinet's FortiGuard Distribution Network, which provides continuous updates that ensure protection against the latest threats around the clock and around the world. To protect customers against W32/Bobax.Z-dldr, Fortinet published antivirus databases FortiOS/V2.36: 4.735, FortiOS/V2.50: 4.735 and FortiOS/V2.80: 4.735 for its worldwide FortiGate systems and FortiClient Host Security software less than 90 minutes after receiving the first virus sample. With this latest antivirus database update, Fortinet's FortiGate systems can block the worm at the gateway before it enters customers' networks, or on the host with the FortiClient Host Software.

For further information on W32/Bobax.Z-dldr, please visit Fortinet's virus encyclopedia at: http://www.fortinet.com/VirusEncyclopedia/search/encyclopediaSearch.do?method=viewVirusDetailsInfoDirectly&fid=57258

For more information on Fortinet's FortiGuard Distribution Network please visit: http://www.fortinet.com/FortiGuardCenter/av.html

About Fortinet (www.fortinet.com)
Fortinet is the confirmed leader of the Unified Threat Management market. The company's award-winning FortiGate™ series of ASIC-accelerated antivirus firewalls, winner of the 2004 Security Product of the Year Award from Network Computing Magazine and the 2003 Networking Industry Awards Firewall Product of the Year, are the new generation of real-time network protection systems. They detect and eliminate the most damaging, content-based threats from e-mail and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance. FortiGate systems are the only security products that are quadruple-certified by the ICSA (antivirus, firewall, IPSec, NIDS), and deliver a full range of network-level and application-level services in integrated, easily managed platforms. Named to the Red Herring Top 100 Private Companies, Fortinet is privately held and based in Sunnyvale, California.

 


 

 
 
 
 