You are here

Home › Fortinet Protects Against W32/Bobax.Z-dldr

Fortinet Protects Against W32/Bobax.Z-dldr

SUNNYVALE, Calif., June 3, 2005 - Fortinet - the pioneer and market leader of Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection - today announced that its FortiGate™ systems, which are ASIC-accelerated security appliances, protect against W32/Bobax.Z-dldr, also known as Download.BBX, or Downloader-ABL.

First sighted in the wild on June 2, 2005, W32/Bobax.Z-dldr is a downloader Trojan that arrives via email. The email will have a .ZIP file attachment with a small file within, and probably a file named PICS.SCR or similar. If the file within the .ZIP is run, it will attempt to connect to the Internet and download a copy of W32/Bobax.Z-net and run it. This variant of Bobax will then later send out emails in the same format that this downloader Trojan arrived, and appears to have been distributed in a mass spam email campaign. It has no spreading capabilities of its own.

Visible symptoms of W32/Bobax.Z-dldr include:

  • Possible firewall alert that the file "pics.scr" is attempting to access the Internet
  • Threat may have been received as an attachment to email

FortiGuard Distribution Network Information
All FortiGate systems in production worldwide are kept up to date automatically by Fortinet's FortiGuard Distribution Network, which provides continuous updates that ensure protection against the latest threats around the clock and around the world. To protect customers against W32/Bobax.Z-dldr, Fortinet published antivirus databases FortiOS/V2.36:4.735, FortiOS/V2.50: 4.735, FortiOSV2.80: 4.735 for its worldwide FortiGate systems and FortiClient Host Security software less than 90 minutes after receiving the first virus sample. With this latest antivirus database update, Fortinet's FortiGate systems can block the worm at the gateway before it enters customers' networks, or on the host with the FortiClient Host Software.

For further information on W32/Bobax.Z-dldr, please visit Fortinet's virus encyclopedia at: http://www.fortinet.com/VirusEncyclopedia/search/encyclopediaSearch.do?method=viewVirusDetailsInfoDirectly&fid=57258

For more information on Fortinet's FortiGuard Distribution Network please visit: http://www.fortinet.com/FortiGuardCenter/av.html

About Fortinet (www.fortinet.com)

Fortinet is the confirmed leader of Unified Threat Management market. The company's award-winning FortiGate™ series of ASIC-accelerated multi-threat security systems, winner of the 2004 Security Product of the Year Award from Network Computing Magazine and the 2003 Networking Industry Awards Firewall Product of the Year, are the new generation of real-time network protection systems. They detect and eliminate the most damaging, content-based threats from e-mail and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance. Fortinet's solutions are the only security products that are certified seven times over by the ICSA (firewall, antivirus, IPSec, SSL, IDS, client antivirus detection and cleaning), and deliver a full range of network-level and application-level services in integrated, easily managed platforms. Named a Light Reading Top 10 Private Company and #4 on Silicon Valley/San Jose Business Journal's "Fast 50" list, Fortinet is privately held and based in Sunnyvale, California.

 

How to Buy

Purchase Fortinet Products


With the superior performance of the Fortinet FortiGate security appliances, we can provide our enterprise customers with broad protection, consolidated for ease of management and maintenance. Additionally, Fortinet's appliances support 3G/3.5G wireless network connections, which will enable more flexibility and scalability for enterprises.

Ban-He Liu
HiNet Director
Data Communication Business Group, Chunghwa Telecom