Virut in wild, city systems shut down
Thursday, February 12, 2009
A variant of the Virut virus has been reportedly let loose in the wild, causing some city municipalities to shut down their network to quarantine affected machines until the virus was eradicated.
Though the Virut hit organizations in the past, the new version appears to be stronger and less detectable. The malware infects portable executable files, such as .exe and.scr, which allows it to spread from machine to machine, SCMagazineus.com reports. As it moves, the virus uses polymorphism - muted code - to evade detection.
After infiltrating a machine, Virut opens a backdoor and connects to an internet relay chat (IRC) server, according to the article. This can allow a cybercriminal to download more malware onto the compromised computer.
Officials at Microsoft told the news provider Virut can destroy certain files beyond repair, which means affected systems will have to install a completely clean version of their operating system to get back online.
Earlier this week, Virut forced the court system in Houston to shut down after 475 of the city's 16,000 computers were affected, the Houston Chronicle reports. The virus also caused the city website of Springfield, Missouri to shutdown as a precaution.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
