There are a huge number of news stories in Chinese and a few in English on the Web today about a worm that apparently is spreading rapidly in China. The Inquirer is quoting the National Computer Virus Emergency Response Centre in Tianjin, China, saying that Worm_Piloyd.B is spreading rapidly, that it infects exe, html, and asp files and blocks attempting to fix them. The centre’s English web page seems to be about a week behind, so, we couldn’t get the original notice.
The Inquirer said Piloyd probably was being used to expand a botnet.
Western AV companies have listed detections for the malware since last summer or fall. Names include:
Sunbelt: Trojan-Downloader.Win32.Sfn!cobra (v)
VIPRE and a number of the others catch it with heuristic detections.
Story here: “China warns of a new virus”