ADMIN-ELECTRIK_CAT
Administrator
Din: CAT LAND
Inregistrat: acum 17 ani
Postari: 8870
|
|
“Viermele” Conficker lanseaza un atac subtil asupra computerelor
Faimosul Conficker , un program malitios care a infectat milioane de calculatoare incepand de la finele anului 2008 si despre care se credea ca va fi activat de la 1 aprilie, parea sa fi fost o alarma falsa.
Cu toate acestea, Conficker, cunoscut si sub denumirile de Downadup sau Kido, a inceput sa devina activ, transformand calculatoarele personale in servere prin care se trimit mailuri de tip spam si care instaleaza programe de tip spyware, totul, posibil prin bresele sistemului de operare Windows.
Autorii neindentificati ai virusului au inceput sa-l foloseasca in scopuri infractionale in ultimele saptamani, incarcand si mai multe software-uri clandestine intr-un mic procent din computerele aflate sub controlul lor, sustine Vincent Weafer, vicepresedinte al Symantec Security Response, ramura de cercetare a celui mai mare producator de sofware de securitate din lume, Symantec Corp.
Acelasi personaj sustine ca atactul “viermelui” este unul lent, de uzura, si nu unul agresiv. Pe data de 3 mai, anunta Weafer, virusul va inceta sa mai distribuie software-ul de spam, Waledac, pe PC-urile infectate, dar mai multe atacuri urmeaza sa se intample. Autoritatile suspecteaza ca autorii atacurilor alcatuiesc una dintre multe astfel de retele stabilite in estul Europei, Asia de Sud, China si America Latina.
Conficker virus begins to attack computers on the quiet
The malicious software program Conficker, which many feared would wreak havoc on April 1, is slowly being activated, security experts warned.
The virus, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said.
It started spreading late last year, infecting millions of computers and turning them into 'slaves' that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet.
Its unidentified creators started using those machines for criminal purposes in recent weeks by loading more malicious software onto a small percentage of computers under their control, said Vincent Weafer, a vice president with Symantec Security Response, the research arm of the world's largest security software maker, Symantec Corp.
'Expect this to be long-term, slowly changing,' he said of the worm. 'It's not going to be fast, aggressive.'
Conficker installs a second virus, known as Waledac, that sends out e-mail spam without knowledge of the PC's owner, along with a fake anti-spyware program, Mr Weafer said.
The Waledac virus recruits the PCs into a second botnet that has existed for several years and specializes in distributing e-mail spam.
'This is probably one of the most sophisticated botnets on the planet. The guys behind this are very professional. They absolutely know what they are doing,' said Paul Ferguson, a senior researcher with Trend Micro Inc, the world's third-largest security software maker.
He said Conficker's authors likely installed a spam engine and another malicious software program on tens of thousands of computers since April 7.
He said the worm will stop distributing the software on infected PCs on May 3 but more attacks will likely follow.
'We expect to see a different component or a whole new twist to the way this botnet does business,' said Mr Ferguson, a member of The Conficker Working Group, an international alliance of companies fighting the worm.
Researchers had feared the network controlled by the Conficker worm might be deployed on April 1 since the worm surfaced last year because it was programed to increase communication attempts from that date.
The security industry formed the task force to fight the worm, bringing widespread attention that experts said probably scared off the criminals who command the slave computers.
The task force initially thwarted the worm using the Internet's traffic control system to block access to servers that control the slave computers.
Viruses that turn PCs into slaves exploit weaknesses in Microsoft's Windows operating system.
The Conficker worm is especially tricky because it can evade corporate firewalls by passing from an infected machine onto a USB memory stick, then onto another PC.
The Conficker botnet is one of many such networks controlled by syndicates that authorities believe are based in eastern Europe, Southeast Asia, China and Latin America.
40.9KB
_______________________________________ PM-URI №1 TUTORIAL 3XFORUM | REPORT BROKEN LINKS |
|
|