DNS-changing malware variant on the loose
Wednesday, March 18, 2009
Security experts warned this week that they have seen a new variant of the DNS-changing Trojan.Flush.M malware that resembles a cyberattack from December.
The earlier version, which attempted to install a rogue DHCP server, allows cybercriminals to monitor traffic from the infected IP addresses in an organization network and direct other machines to visit malicious websites, security experts said.
The new variant is more sophisticated and hides the fake DHCP more effectively than the previous version did, experts said.
Cyberattacks, such as DNS-changing malware exploits, grew considerably in 2008. Security experts are warning that 2009 will be a year of constantly growing and changing cyberthreats, which has the potential to breach network security.
A recent report found that from January until November 2008, roughly 34.3 million PCs were infected with botnets, with a spike in attacks from June to August that led to a 476 percent rise in the number of machines infected.
Security experts said they expect threats to continue to evolve like the DNS-changing Trojan to include more blended attacks to avoid detection.
Cybercriminals are already using the poisoned DNS cache to bypass security and deliver malicious websites, experts said.
Related News:
Cyber criminals exposed medical records - 3.8.2010
More than 18,000 patients, whose medical information is stored on the computer systems of five doctors in Torrance, California, were potential victims of identity theft in September when cyber criminals penetrated the doctors' networks, according to the Los Angeles Times.
McAfee advises companies to boost web security relating to source code - 3.4.2010
At the RSA Conference, currently taking place in San Francisco, McAfee released a report indicating that companies regularly use too few web security protocols when protecting intellectual property such as source code.
False social networking attacks provides teachable moment for web security - 2.25.2010
A unique tool developed to prevent the spread of malware from social networking websites has been recommended Processor.com, a web and network security news provider.
With global web security under siege, exports point to problems - 2.25.2010
In 2009, Garlik, a United Kingdom-based web security company, reported a 207 percent increase in malware use to overtake bank accounts. Recent events have also shown vulnerability in corporate, private and governmental web security systems.
Kaspersky reports malware growing more sophisticated - 2.24.2010
Kaspersky, a web security provider, reported Wednesday that while there is very little growth in the amount of malware currently roaming the web, it is becoming more advanced and much harder to detect.
|
