Doctor Web's review of the virus situation for March
April 6, 2009, 9:34 am
Doctor Web has published a review of virus activity in March 2009. The past month saw a great number of new cases of fraud involving malicious software. Botnets continued to develop successfully: their authors began to adopt more aggressive methods of distribution and exploitation, and the number of bot-infected computers continues to grow rapidly. In spam, the dominant subject was advertising of mass mailings.

In March 2009, the Tdss and Shadow botnets attracted the most attention. They began to use new methods to increase their efficiency, while continuing to apply already well-established methods of distribution: through removable drives, and through shared network resources by using known vulnerabilities. This, unfortunately, suggests that not all users follow the recommendations of anti-virus companies to observe the elementary rules of information security.

BackDoor.Tdss, used by hackers to expand the Tdss botnet, uses several other methods: from release to release, the rootkit techniques it uses to hide are refined in order to counter antivirus software more effectively. Thus, the current version of BackDoor.Tdss has learned to cope quite effectively with antivirus file monitors. Also, apart from the fairly popular exploitation of vulnerabilities in the Windows family of operating systems, this backdoor uses a method of spreading malicious software that is old and well known to most users: posing as codecs for playing video. Despite the publicity, this method still works quite well.

The past month once again saw significant growth in new fraud schemes that rely on malicious programs. Holders of bank cards were alarmed last month by news that malware had been discovered in the systems of some ATMs owned by Russian banks. The malicious program collected the information stored on bank cards, as well as account balances, which are transmitted to the ATM by the bank at the user's request. In Dr. Web's classification, this malicious program was named Trojan.Skimer.

Although anti-virus vendors have widely publicized details about fake antiviruses, attackers are still actively using fake-antivirus fraud schemes to get money from users for a dummy program. Over time, the malicious sites that distribute fake antiviruses are becoming more persuasive, using professional design methods. Fake-antivirus names such as Antivirus XP 2008 have become a byword.

The unfading popularity of social networks continues to give cyber fraudsters new opportunities to improvise. For example, Trojan.PWS.Vkontakte.6 is distributed as a program for quickly raising a user's rating on Vkontakte.ru, a social network popular in Russia.

The main flow of spam in March was devoted, in fact, to advertising spam mailings themselves. Apparently, supply in the spam services market currently far exceeds demand. Among the most popular spam topics were advertisements for pirated DVDs with series, medical supplies, offers to buy expensive mobile phones at large discounts, and replicas (apparently identical copies) of expensive watches. Also of note is the high volume of messages inviting recipients to attend various kinds of conferences and other training-related events.

As for malicious code distributed in spam, and links to malicious sites in spam messages, their number has declined significantly in recent months. Because there have been no long-running mass mailings of malicious files, various background effects appear. Thus the first place in the statistics has often been taken by malicious programs for which distribution through e-mail traffic is atypical, for example file viruses. This may be because users of infected computers transfer files and create backups of data that they need to send, and malicious software ends up in the archives at the same time.

Among the mass mailings with malicious attachments in March, one can note the very short (a few hours) but massive distribution of Win32.HLLW.Brutus.3, and the somewhat longer but less massive distribution of Trojan.PWS.Panda.114. The latter Trojan was spread under the guise of a message supposedly from the courier service DHL, which said that the shipment could not be delivered due to errors in the address. The letter proposed printing the attached invoice and bringing it to a DHL office. In fact, the attached archive contained a malicious file.

In March, spam mailings inviting users to take part in schemes similar to financial pyramids also continued. The number of such schemes is increasing. Despite a slight decrease in phishing in March, phishing mailings targeting participants of the popular Internet auction eBay were seen.