W32/Voterai.worm.d is a destructive worm designed to perform a dubious political campaign for Kenya elections.
5166 (2007-11-19)Updated DAT
W32/Voterai.worm.d is a particularly damaging worm related to elections campaign in Kenya. When started the malware will proceed in turning the user machine in a complete zombie machine. In fact, it will disable almost every security software that may be installed on the machine, and modify the system registry to disable almost any operation that user may perform, like, for example, rebooting the machine using the start menu, executing the task manager, accessing the control panel and more.
As soon as these operations have been performed, the malware will copy itself under different folders all around the computer, and especially under:
In addition to this, the malware will make sure that it will start even if the machine is rebooted, by modifying registry keys to point to the above files.
With the machine turned into a zombie, the malware will start displaying the following message.
In addition to this, the malware is able to spread using autorun techniques. Also note that the malware is designed to start even in safe boot mode.
The malware needs manual activation in order to start its malicious activities. However, it uses social engineering techniques combined with worm capabilities to trick the user into activating it.