"Ten" current viruses. June 2009
We bring to your attention a recent report based on data collected by ThreatSense.Net system for the past month (June 2009).
The built-in recognition system for quick notification ThreatSense.Net is designed to detect and recognize threats at the stage of their occurrence, thereby preventing infection of users' computers. It is also used to monitor viral activity.
With the help of this handy tool, we can monitor the pattern of infection of computers and make a list of actual threats. Many months of observations allow us to analyze the dynamics of the spread of viruses - a number of important conclusions can be drawn from the data obtained.
')
In the first place of the June chart is the well-known threat of Win32 / Conficker . PR of this virus has turned out excellent - it seems, all the media talked about it. Those who still missed a detailed description of this virus, briefly tell about it: Win32 / Conficker uses a hole in the Windows security system (however, it has already been closed by a corresponding update), gets access to the RPC subsystem and can be remotely launched without the need to obtain user rights access. Win32 / Conficker loads several DLLs through svhost processes, and then, establishes communication with a group of already infected computers and downloads additional malicious components. In addition, it penetrates into unprotected shared (“shared”) folders and removable media by writing itself in the autorun.inf file. When you connect such media to another computer, the script, written in autorun.inf , will automatically run, and the computer will also be infected.
In second place is a group of threats united according to the principle of distribution. Various malware specializing in autorun.inf distribution is highly dangerous. The easiest way to deal with such threats is to prevent the operating system from running scripts specified in the autorun.inf file.
A kind of " Bronze " gets a worm specializing in amateur computer games, spending a lot of time on the network. Spyware penetrates users' computers and tries to detect data for access to game accounts. A trifle of course - but, you see, it will not be very pleasant to lose the fiftieth level spell, which you spent several weeks on pumping ... Yes, by the way, some online services are also paid - if so, the effect of virus penetration on your computer may also affect and on the contents of your wallet.
The remaining threats are not so widespread, and we will not dwell on their detailed study.
The built-in recognition system for quick notification ThreatSense.Net is designed to detect and recognize threats at the stage of their occurrence, thereby preventing infection of users' computers. It is also used to monitor viral activity.
With the help of this handy tool, we can monitor the pattern of infection of computers and make a list of actual threats. Many months of observations allow us to analyze the dynamics of the spread of viruses - a number of important conclusions can be drawn from the data obtained.
')
In the first place of the June chart is the well-known threat of Win32 / Conficker . PR of this virus has turned out excellent - it seems, all the media talked about it. Those who still missed a detailed description of this virus, briefly tell about it: Win32 / Conficker uses a hole in the Windows security system (however, it has already been closed by a corresponding update), gets access to the RPC subsystem and can be remotely launched without the need to obtain user rights access. Win32 / Conficker loads several DLLs through svhost processes, and then, establishes communication with a group of already infected computers and downloads additional malicious components. In addition, it penetrates into unprotected shared (“shared”) folders and removable media by writing itself in the autorun.inf file. When you connect such media to another computer, the script, written in autorun.inf , will automatically run, and the computer will also be infected.
In second place is a group of threats united according to the principle of distribution. Various malware specializing in autorun.inf distribution is highly dangerous. The easiest way to deal with such threats is to prevent the operating system from running scripts specified in the autorun.inf file.
A kind of " Bronze " gets a worm specializing in amateur computer games, spending a lot of time on the network. Spyware penetrates users' computers and tries to detect data for access to game accounts. A trifle of course - but, you see, it will not be very pleasant to lose the fiftieth level spell, which you spent several weeks on pumping ... Yes, by the way, some online services are also paid - if so, the effect of virus penetration on your computer may also affect and on the contents of your wallet.
The remaining threats are not so widespread, and we will not dwell on their detailed study.
Source: https://habr.com/ru/post/63419/
All Articles