Founded on December 28, 2001 with only 2 members, after 8 years Bkis has grown into a solid union with as many as 500 members. Most of them are young and dedicated specialists and technicians. Bkis celebrated its 8^th birthday with a Music show at Youth Theatre and a Game day at West Lake WaterPark.

 Below are some activities in the birthday celebration in two days, December 26 and 27.

The Music show on the night of December 26 was opened with a dancing performance of “Little Angels” from Nightingale Club.

My Lan as a graceful MC

When virus specialists and security researchers become artists …

Bkis members have prepared their own performance for a meaningful Music show on Bkis birthday celebration. Singing and dancing on the stage, Bkisers performed like professional singers and actors.

All the performances shown to be carefully practised and organized

Bkis General Director Nguyen Tu Quang – the male voice choir of Board of Leadership in the performance “Motherland Honoring” by Ho Bac

“Bkis-made” music performance, full of inspiration, drew audience’s attention from the beginning to the end of the music show.

Awarding the team with best performance

Amateur performers’ cheerfulness after 2 month hard practice

Bkis “athletics” in the Game day

Leaving the familiar computers and daily workload, on December 27 morning, Bkis staff headed for West Lake Waterpark to enjoy a relaxing day together.

West Lake Waterpark was splendidly decorated to welcome Bkis members to exciting games

Even when playing game, all Bkis members also showed their “one-for-all” spirit as well as their “all-out effort” just like what they show at work.

Two PGs, Hong Nhung and Nina, also enthusiastically participated in the games with Bkis family.

Success comes as result of solidarity.

Bkis today with more than 500 members.

Mr. Nguyen Tu Quang, Bkis General Director, said in the company’s 8^th birthday celebration: “Eight years after the foundation, Bkis has grown into a solid union with more than 500 members from a 2 member center at the beginning. The Music show and the Game day were held to enhance the solidarity among company’s staff. ”

Bkis

On January 12, 2010, Bkis’ malware monitoring system discovered an email worm propagation campaign. This time, hacker forges Twitter’s invitation. If gullible users open the attached file, their computers will be infected with worm.

Still, familiar solutions work on this case. Accordingly, you must take caution on dealing with suspicious information from the Internet. Do not click on strange links or open unknown attached files, and particularly, you must have your antivirus software updated with the latest version.

Lastest version of Bkav has recognized the worm as W32.Hitwica.Worm

According to our malware analysts, worm also fake Hallmark and Hi5 to generate email which contained malware.

Below is the virus analysis in detailed:

1. Copies file named “nvscv32.exe” to the directory %SysDir%

2. Writes the following value :

“NVIDIA Driver Helper Service1” = “%VRPath%”

to key HKCU\….\Run so that virus can be automatically activated on Windows’ startup.

3. Writes to key

HKLM\SYSTEM\ControlSet001\…..\StandardProfile\AuthorizedApplications\List

to bypass Firewall

4. Sends emails attached with virus file via the following mail servers:

mail.messaging.microsoft

smtp.freenet.am

mail1.freenet.am

mail.gmx.net

mail.lidskialf.net

smtp.styx.cabel.net

smtp.microset.ru

…………..

5. The emails have the following content:

=============================

From     : invitations[at]twitter.com

Subject : Your friend invited you to twitter!

Body     :

“Twitter is a service for friends, family, and co-workers to communicate and stay connected through the exchange of quick, frequent answers to one simple question:

What are you doing?

To join or to see who invited you, check the attachment.”

============================

From     : invitations[at]hi5.com

Subject : Jessica would like to be your friend on hi5!

Body     :

“I set up a hi5 profile and I want to add you as a friend so we can share pictures and start building our network.

First see your invitation card I attached!

Once you join, you will have a chance to create a profile, share pictures, and find friends.”

==========================

From     : e-cards[at]hallmark.com

Subject : You have received A Hallmark E-Card!

Body     :

“Hello!

You have recieved a Hallmark E-Card from your friend.

To see it, check the attachment.

There’s something special about that E-Card feeling. We invite you to make a friend’s day and send one.

Hope to see you soon,

Your friends at Hallmark”

Analyst: Nguyen Hoai Cong

We have just received reports from VBB forum administrators about a new round of spamming dispersed via VBB forums.

When clicking on the links in the spam post, users will be redirected to the website which has the domain name and the interface similar to those of Google.

Domain name gogopillz.com was registered on Dec 10, 2009 by a person living in Russia. This domain points to a server in US.

Not only gogopillz.com, the spam post also contains dozens of links pointing to other websites that fake Google interface.

Nguyen Thanh Tuan