BEOR999
12-20-1999, 04:55 AM
Central Command's EVRT Warns of Babylonia, an Internet Worm
> Spreading Around the World with a Collection of Advanced Infection
> Technologies
>
> The Emergency Virus Response Team (EVRT) at Central Command is
> issuing a virus alert about a new advanced virus that is capable of
> spreading through the internet and updating itself with plug-ins.
> Win95.Babylonia is the first virus that can infect a computer, spread
> via the Internet as a worm, and update itself with new features as
> they are released.
>
> This virus infects Windows 95 systems; Windows help files, sends
> itself as an e-mail attachment, and can update itself with plug-ins.
> Using advanced technologies, Babylonia can infect and install itself
> into many different applications within the computer. By infecting
> Windows 95 applications Babylonia spreads like a normal virus by
> replicating through a system using a resident copy hidden in the
> background. Additionally, by contaminating Windows help files the
> Babylonia virus can use them as infection carriers, which greatly
> reduces the chances that an antivirus scanner can remove all traces
> of this virus. Working as an Internet worm, it patches the
> wsock32.dll application, part of the DLL files required to connect to
> the Internet, and then sends copies of the virus out as e-mail
> attachments. Lastly, while an infected user is online it connects to
> a website in Japan and adds additional utilities to itself as plug-
> ins.
>
> "This mixture of features makes this virus one of the more advanced
> we have seen for sometime." Said Keith Peer, President of Central
> Command Inc. "This virus includes technology ideas from the Chernobyl
> a.k.a.Win95.CIH virus with it's resident capabilities under Windows
> 95, I-Worm.Happy being able to patch the wsock32.dll file for
> spreading as an e-mail attachment, and WinHLP.Demo to infect Windows
> Help files."
>
> More information about Babylonia can be read at http://www.avp.com
>
> AntiViral Toolkit Pro has been updated to protect, detect and remove
> this virus from infected system. A fully functional time limited
> evaluation is available for download at http://www.avp.com.
>
> About Central Command: Central Command Inc. is a privately held
> international company with headquarters in Medina, Ohio, USA. Founded
> in 1990 the company specializes in anti-virus protection products and
> focuses on serving the industrial market place, government,
> financial, educational institutions and service industries. Central
> Command Inc. may be found at http://www.avp.com.
>
> About Kaspersky Lab: is a fast-growing international company with
> offices in Moscow, Russia and Cambridge, UK. Started the business in
> 1992 it has concentrated in development of world-leading anti-virus
> technologies and software. Kaspersky Lab is a vendor of a world-known
> award-winning anti-virus product AntiViral Toolkit Pro (AVP).
> Kaspersky Lab can be found at http://www.avp.ru
>
> Spreading Around the World with a Collection of Advanced Infection
> Technologies
>
> The Emergency Virus Response Team (EVRT) at Central Command is
> issuing a virus alert about a new advanced virus that is capable of
> spreading through the internet and updating itself with plug-ins.
> Win95.Babylonia is the first virus that can infect a computer, spread
> via the Internet as a worm, and update itself with new features as
> they are released.
>
> This virus infects Windows 95 systems; Windows help files, sends
> itself as an e-mail attachment, and can update itself with plug-ins.
> Using advanced technologies, Babylonia can infect and install itself
> into many different applications within the computer. By infecting
> Windows 95 applications Babylonia spreads like a normal virus by
> replicating through a system using a resident copy hidden in the
> background. Additionally, by contaminating Windows help files the
> Babylonia virus can use them as infection carriers, which greatly
> reduces the chances that an antivirus scanner can remove all traces
> of this virus. Working as an Internet worm, it patches the
> wsock32.dll application, part of the DLL files required to connect to
> the Internet, and then sends copies of the virus out as e-mail
> attachments. Lastly, while an infected user is online it connects to
> a website in Japan and adds additional utilities to itself as plug-
> ins.
>
> "This mixture of features makes this virus one of the more advanced
> we have seen for sometime." Said Keith Peer, President of Central
> Command Inc. "This virus includes technology ideas from the Chernobyl
> a.k.a.Win95.CIH virus with it's resident capabilities under Windows
> 95, I-Worm.Happy being able to patch the wsock32.dll file for
> spreading as an e-mail attachment, and WinHLP.Demo to infect Windows
> Help files."
>
> More information about Babylonia can be read at http://www.avp.com
>
> AntiViral Toolkit Pro has been updated to protect, detect and remove
> this virus from infected system. A fully functional time limited
> evaluation is available for download at http://www.avp.com.
>
> About Central Command: Central Command Inc. is a privately held
> international company with headquarters in Medina, Ohio, USA. Founded
> in 1990 the company specializes in anti-virus protection products and
> focuses on serving the industrial market place, government,
> financial, educational institutions and service industries. Central
> Command Inc. may be found at http://www.avp.com.
>
> About Kaspersky Lab: is a fast-growing international company with
> offices in Moscow, Russia and Cambridge, UK. Started the business in
> 1992 it has concentrated in development of world-leading anti-virus
> technologies and software. Kaspersky Lab is a vendor of a world-known
> award-winning anti-virus product AntiViral Toolkit Pro (AVP).
> Kaspersky Lab can be found at http://www.avp.ru
>