| |
| |
|
Security Information |
|
|
|
Three-pronged Trojan Attack Threatens Security on the Internet
Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names of a modern day version of The Three Musketeers. These are Trojans engineered for a hacker attack that will infect computers and open them for use in further attacks. "Combating computer viruses is essentially a game of hide and seek," says Govind Rammurthy, CEO, MicroWorld Technologies, among the leading Security Solutions providers. "Hackers riding piggyback on viruses have only a short window of opportunity to maximize their gain before the viruses are detected, neutralized and logged into Virus Definition databases, 'vaccinating' the system against those strains. Without continuing system vulnerability caused by virus infection there is little they can do to further their malicious ends like stealing personal information, credit card details and other sensitive and vital data. To achieve their ends they need to keep the system vulnerability going for more time. This co-ordinated Trojan threat is an attempt to the keep that 'backdoor' open, essentially buying time," he concludes. Of the three, Glieder leads the initial charge. It sneaks past anti-virus protection to download and execute files from a long, hard-coded list of URLs and "plant" the infected machine with "hooks" for future use. On Windows 2000 and Windows XP machines, it attempts to stop and disable the Internet Connection Firewall and the Security Center service (introduced with Windows XP Service Pack 2). Then the Trojan accesses the URL list to download Fantibag. The way is now paved to launch the second stage of attack. Sulabh, a tester with MicroWorld Technologies says of Fantibag, "Now Fantibag goes about attacking the networking feature of the infected system to prevent it from communicating with anti-virus firms and denying access to the Microsoft Windows Update site. It closes your escape route by making it impossible to download an anti-virus solution and any subsequent Windows security patch to your system. Effectively it helps Mitglieder (the third stage Trojan) open the 'backdoor' by shutting the other doors on you." Mitglieder puts the system under complete control of the attacker by opening the 'backdoor' on a port using which the attacker can update the Trojan, to stay a step ahead of attempts to remove it, download and execute files, initiate an SMTP server to relay spam, execute files on the infected computer and download and execute files via an URL. "This is what makes it scary," say Aarti, Assistant Manager, QA, MicroWorld Technologies. "The fact that the system can now be used as a remote controlled 'soldier' (bot) in an army (botnet) of similarly compromised machines to launch criminally motivated attacks, causing harm to Internet users." Botnets thus formed can among other things, use your machine to launch Distributed Denial of service attacks which overload servers, making them crash, to send out spam, spread new Malware, plant Keylogger to retrieve your personal information like identity, passwords, account numbers etc., install Spyware, manipulate online polls/games, abuse programs like Google AdSense to cheat advertisers of revenue, and install Advertisement Addons for financial gain as in fake websites advertising services that don't exist. "Botnets can even encompass over 50,000 host machines. The potential for mischief is huge," reflects Govind Rammurthy. "Such a three-pronged Trojan attack where attackers change their virus code and release viruses quickly to bypass virus signature scanners, then disable network access to deny the user link-ups to anti-virus and Microsoft Windows Update site for protection has huge significance for virus-signature based protection. It is a sign of things to come," he says, remembering the scramble at MicroWorld labs to update their products to detect and remove the three Trojans. Anti-virus updates for the three-pronged Trojan threat are available at MicroWorld Technologies site. Maybe the time for worrying about some pimply teenager turning out malicious code because they have nothing better to do on a nice sunny morning, is over. The world could be facing a determined organized crime syndicate who'll stop at nothing to get what they want - information precious to you. MicroWorld Technologies is one of the leading solution providers for Information Technology, Content Security and Communications Software. MicroWorld has established itself as a leader in providing content security, anti-virus and corporate communications software solutions.
MORE RESOURCES:
Security - Google News |
|
|
|
RELATED ARTICLES
Phishing Recently I have received email from my bank/credit Card Company, eBay & pay pal saying that my account has possibly been compromised and I need to confirm my details and password in order to get continued access.Spam email now has a new and more frightening variant, it's called phishing and it has been made by criminals and hackers who aim at getting unwitting consumers to reveal account numbers and passwords. SPYWARE - Whos Watching Who? I am in the midst of Oscar Wilde's The Picture of Dorian Gray. "The basis of optimism is sheer terror. Protect Your Little Black Book The movie Little Black Book features a young woman, Stacy, who is frustrated when her boyfriend refuses to share information about his past relationships. When his PDA, a Palm Tungsten C, falls into her hands, she is faced with a conundrum. Passwords or Pass Phrase? Protecting your Intellectual Property Much has been said on the theory of password protection for files, computer login, and other network access. In the past we used a combination of letters, special characters, and other techniques to try and prevent unwanted or unauthorized access to our computers, resources, and networks. Computer-Virus Writers: A Few Bats In The Belfry? "Male. Obsessed with computers. Spyware Protection Software Spyware protection software is the easiest way of removing spyware from your computer and keeping it away. It detects and removes all pieces of spyware and adware automatically. Cybercriminals Trick: Targeted Trojan-Containing Emails Threats we ordinary Web users face online leave us no choice but learn. Haven't you noticed how many new things you learned lately? We are much better informed about malicious programs than just a year ago. Crack The Code - Thats A Direct Challenge I Challenge You To Crack The Code ------------------------------------- I had quite an interesting experience recently. I was hired by a company to perform a vulnerability assessment and penetration test on their network. Anti-Spyware Protection: Behind How-To Tips There is no doubt that "how-to articles" have become a separate genre. One can find such an article about almost anything; there are even some entitled "How to Write a How-To Article". Phishing - A High Tech Identity Theft With A Low Tech Solution Have you ever got an email asking you to confirm your account information from a bank or a company that you have never done business with? The email looks official and it even has a link that appears to take you to the company's website. The email you have received is actually from an identity thief. Is Spyware Watching You? Imagine my surprise when I received a phone call from a friend who told me he'd been the victim of a "spyware" attack that left him shaking at his loss of privacy.I listened to his horror story with a sympathetic ear, but I felt secure since I carry anti-virus software and a firewall (both by Norton). Spy Scanners - Don't Compromise your Privacy Spies, spyware, internet parasites are among what they are usually called. These are scouts that monitor your web activities. Consumers: Shop Online and Get Information Safely Do you really have to know how feeds work? Not really. But you do need to understand how they can benefit you as a consumer or as an information seeker. The Move to a New Anti-Virus Model This is the second in a series of articles highlighting reasons why we need a new model for anti-virus and security solutions.Reason #1: the Basic ModelAnti-virus software vendors still rely on yesterday's methods for solving today's problems: they wait for the next virus to wreak havoc and then produce a solution. Spyware Attacks! Windows Safe Mode is No Longer Safe Many of us have run into an annoying and time-consuming error. With your machine running goofey you decide to run a scan for trojans and spyware. Spyware Programs Are Out To Get You! The average computer is packed with hidden software that can secretly spy on online habits.The US net provider EarthLink said it uncovered an average of 28 spyware programs on each PC scanned during the first three months of the year. Internet Privacy Over the past few years as the internet has become more and more popular, privacy has become a major issue. Just as if you are walking down the street and can be watched, every click of your mouse every website you browse, or file you download, is traceable. Arming Yourself Against Spyware While clicking from site to site on the internet you are likely to land yourself on a website that downloads spyware onto your computer system. Even while using familiar or unlikely and secure web site you run the risk of being infected with unwanted spyware. The Never Ending Spyware Story It's been with us since 1993, it's gotten more intrusive, more complicated.It's created a whole ecosystem, so to speak. What Can Be Done About Spyware And Adware Having a good Spyware eliminator on your computer is vital now a days with all of the different Spyware, Adware, and other malicious computer parasites that are out there. Most of them are reasonably priced and very easy to use.
|
| home | site map |
| © 2006 |
