Technnologizzy
New Spyware Spies on Other Spyware
By Daniel H. Blazejewski
Mar 16, 2005, 14:39

This Glossy News artist's representation shows, in detail, what is happening inside your computer when you're infected with malware.

There’s a new piece of spyware out there that you, our faithful readers should be aware of. It’s going by the name MoveOver.M32, and it is every bit as insidious as an Internet worm, with similar aims to common spyware. But this spyware is no common spyware. No, this spyware spies on other spyware. It reports back what other spyware is reporting. Anti-spyware collaborators such as Ad-Aware and Spybot Search & Destroy are scrambling to meet this new threat.

MoveOver.M32 commonly gets onto your system either via an Instant Messaging worm or through email with the headers, “EnLarGe Your Peni$,” “Bush stole the election,” “Hi, friend!” or “Hillary 2008.” If you should receive an email with one of these headers and you weren’t expecting such an email from that person, delete it immediately. In fact, as a matter of course, if you ever receive an email expounding the virtues of “Hillary 2008,” delete it immediately.

MoveOver.M32 isn’t terribly harmful to you insofar as collecting information, since it is only collecting information that has already been collected, but it does eat up processor time and hard disk space. Additionally, it eats up RAM at an alarming pace, which could rapidly bring a Windows-based system to a screeching halt.

Walter King, of F-Secure, said, “This is a new type of worm / spyware collaboration that we have not seen before. Spying on spyware – that’s rich. I must admit, I accidentally installed the program on my computer when I clicked on the ‘EnLarGe Your Peni$’ header. Hey, you never know, it could work!”

Symantec has already put out an antivirus update that should work with its suite of software programs to block MoveOver.M32 from installing itself on your system. “One of the things that is most insidious about this program,” says Marvin Burtford, a Symantec programmer, “is that when you click on the ‘EnLarGe Your Peni$’ link, you aren’t actually given any instruction on how to enlarge your penis. I was very displeased. I mean, I could really use some help in that area, you know?”

McAffee AntiVirus has also put out an update to their software that blocks MoveOver.M32 from installing. “Simply put, we put our own spyware in the place where the MoveOver.M32 spyware would usually install to. So it has no home, you see,” said Archibald Mortensen. “Plus, our software actually supplies a URL to Enzyte’s website when you click on the ‘EnLarGe Your Peni$’ header, so we’re doing good on both ends of the spectrum.”

One thing is for certain, and that is that MoveOver.M32 is a bold, insidious new piece of malware. You might want to protect your computer the way we do here at Glossy News headquarters – instead of sending email, we yell really loud until the guy across the hall can hear us. Thankfully, this has stopped us from getting infected, though I’m tempted to click and open that ‘EnLarGe Your Peni$’ piece of email. But no – it is to be deleted. Stop spyware now – return to a paper-based office.

© Copyright 2002-2009 by GlossyNews.com