A new variant of the Sdbot mass-mailing worm is doing the rounds, but this one has a novel twist - it installs a network sniffer in order to grab unencrypted passwords.
"The innovation is the use of a network sniffer to monitor traffic on the LAN (local area network). The sniffer looks for logins for system administration, banking sites and PayPal accounts, filtering traffic with a list of common strings.."
Like other Sdbot variants, worm_sdbot.uh installs numerous backdoor capabilities on an infected machine, allowing a remote attacker to issue commands on the system
On the other hand, new worm Amus uses Windows XP's built-in speech engine to inform users they are about to be infected! Some truly scarey stuff coming on the virus front these days.