"The fact that Ainslot.L removes other bots from infected systems is something that definitely caught our attention," explained Luis Corrons, technical director of PandaLabs. "What makes this bot different is that it eliminates all competition, leaving the computer at its mercy."
Ainslot.L spreads via a fake email purporting to come from a UK clothing company called CULT. The message, which is very well-crafted, informs users that they have placed an order in the amount of 200 pounds on CULT's online store and the invoice amount will be charged to their credit card. The text includes a link to view the order which actually downloads the bot onto the computer. To view a screen shot of this email, please visit: http://prensa.pandasecurity.com/wp-content/uploads/2012/02/BOTUNIQUE.jpg
Corrons adds, "Phishing emails are not usually so well done and authentic in appearance. There is no doubt that fraudsters have been very careful in making this message look as real as possible in attempt to lure in as many victims as they can."
More information on the Ainslot.L bot is available in the PandaLabs Blog.
About PandaLabs Since 1990, PandaLabs, Panda Security's malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda's user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day. This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com/es. Follow Panda on Twitter at http://twitter.com/Panda_Security and on Facebook at https://www.facebook.com/PandaUSA.