My Name......is......Neo!

| | Comments (0)
As Keanu would say, "There's a bomb on the bus".

I mean, "Whoa". He might also have said "Excellent", but that was definitely the wrong film.

At any rate, here's an infection from China called "Agent.NEO", which probably has some deep seated relevance to the Matrix trilogy. Or maybe not. There aren't tons of screenshots of desktop fireworks, because by and large, this infection doesn't hit you with the pretty whiz-bang effects on your monitor. What it does do, however, is drop a ton of files onto your PC (many of which do strange things - here's a couple from various directories):

neo3.jpg



neo4.jpg


...slows everything down to a crawl, attempts to detect and disable security programs, contact a remote mail server with network sensitive data, hijack your IE:

neo1.jpg



neo2.jpg
Click to Enlarge

....and tries to show you a couple of Chinese popup ads (none of those pages were online at time of testing, otherwise there'd be multicoloured screenshots galore below).

I'm trying really hard to end this writeup with a really cheesy Matrix reference, but I can't think of any so in conclusion: avoid Agent.NEO at all costs (but watch the films again, they're awesome).

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on June 30, 2008 5:35 PM.

The Time, The Place.... was the previous entry in this blog.

Fast Track to Botnet Central is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.