April 2, 2008
The virus monitoring service of Doctor Web, Ltd. has analyzed viral activities in March 2008.
The variation of the malware that writes itself to the MBR and uses rootkit technologies to hide its presence in the system (now often called a bootkit) surely became the event of the month. The bootkit entered the Dr.Web database as BackDoor.MaosBoot, with its dropper added as Trojan.Packed.370. The creators of the malware tried to make it extremely difficult for an anti-virus to cure the bootkit; however, Dr.Web has once again proven its high technology: the latest Dr.Web scanner, which is currently undergoing beta-testing, features a unique algorithm for detecting and curing BackDoor.MaosBoot without resorting to any advanced system tools. Anyone can participate in the open beta-testing.
Strange as it seems, the spread of Trojan.PWS.LDPinch.1941 via ICQ also became an event worth mentioning. Doctor Web, Ltd. support staff received a lot of messages from users about infection by the Trojan. Moreover, the Trojan executable was modified several times to avoid detection by anti-virus applications, but all the variations were promptly added to the Dr.Web database.
A new social engineering trick used to lure a user into downloading malware should also be mentioned: a reply message from a recruiting company offering to enter personal data in a special form and providing a link to the "form". The "form" is actually a malicious program detected by Dr.Web anti-viruses as Trojan.Sentinel.
Spam
Apart from messages used to spread malware, March saw offers of spam mailing based on address databases of Russia, Ukraine and other CIS countries, as well as tax evasion schemes and construction company advertising, which prevailed over other subjects.
March 2008 virus statistics
Table 1. 20 most prevalent viruses detected on mail servers
01.03.2008 - 31.03.2008
1 Win32.HLLM.Netsky.35328 105766 (27.39%)
2 Win32.HLLM.Beagle 41605 (10.77%)
3 Win32.HLLM.Netsky.based 31333 (8.11%)
4 Win32.H...
http://info.drweb.com/show/3305?lng=en
March 2008 virus activity review from Doctor Web, Ltd.
Author: News Robot, Apr 02 2008 12:15


