"Ten" of actual viruses. June 2009

    We bring to your attention a fresh report based on data collected by the ThreatSense.Net system for the past month (June 2009).
    ESET ThreatSense.Net

    The ThreatSense.Net quick alert recognition system integrated into our products is designed to detect and recognize threats at the stage of their occurrence, thereby preventing infection of users' computers. It is also used to monitor viral activity.

    Using this convenient tool, we can monitor the picture of computer infections and make a list of current threats. Monthly observations allow us to analyze the dynamics of the spread of viruses - based on the data obtained, a number of important conclusions can be made.

    In the first placeThe June chart presents the well-known Win32 / Conficker threat . The PR of this virus turned out to be excellent - it seems that all the media spoke about it. For those who nevertheless missed a detailed description of this virus, we will briefly talk about it: Win32 / Conficker uses a hole in the Windows security system (however, already closed by the corresponding update), gets access to the RPC subsystem and can be remotely launched without the need to obtain user rights access. Win32 / Conficker loads multiple DLLs through svhost processes, and then establishes a connection with a group of already infected computers and downloads additional malicious components. In addition, it penetrates into unprotected shared (“shared”) folders and removable media, registering itself in the autorun.inf file . When this media is connected to another computer, the script described in autorun.inf will automatically start and the computer will be infected as well.

    In second place is a group of threats united by the principle of proliferation. Various malware specializing in autorun.inf distribution is highly dangerous. The easiest way to deal with such threats is to prevent the operating system from executing scripts written in the autorun.inf file .

    A kind of " Bronze " gets a worm specializing in computer game lovers, spending a lot of time on the network. Spyware penetrates users' computers and tries to detect data to access game accounts. A trifle, of course - but, you must admit, it will not be very pleasant to lose the charm of the fiftieth level, which you spent a few weeks pumping ... Yes, by the way, some online services are also paid - if so, then the effect of virus penetration on your computer may affect and on the contents of your wallet.

    The remaining threats are not so widespread, and we will not dwell on their detailed study.

    Also popular now: