Printer Friendly

AutoRun growing as an infection vector.

ESET has announced that for the third consecutive month INF/Autorun, a generic detection for malware that uses the Windows Autorun facility to infect machines, was the number one detected threat in February according to ESET's ThreatSense.Net statistical reporting. The AutoRun facility allows programs on removable media such as CDs, DVDs and USB memory sticks to run automatically when the media is present. Although very convenient for installing legitimate programs, it is now frequently used as an infection vector that many security experts, including ESET, recommend that users disable the functionality.

"Trojans using Autorun to infect computers is one of the more common threats that we have been seeing for several months now. In fact, this is one of the tricks the infamous Mocmex "digital photo frame" malware uses," comments David Harley, of ESET's Research team. "Turning off the Autorun feature reduces the risk of infection, but as with any portable storage media, users should ensure that USB devices are scanned when they're opened, to make sure nothing malicious is lurking there."

Highlighted in this month's report is the adware family, Win32/Adware.Virtumonde (Vundo), which is frequently amongst the top five threats of ESET's ThreatSense.Net data. Bot herders are paid to install it on compromised machines, where it then directs the compromised machine to sites used as proxies for advertisements at addresses stored locally in the System32 folder. Virtumonde is not self-replicating, but is widely disseminated and can be very difficult and time-consuming to remove if it does manage to get itself installed.

Top 10 Threats for February

1 INF/Autorun--9.43%

2 Win32/Adware.SearchAid--8.05%

3 WIN32/Toolbar.MyWebSearch--3.11%

4 Win32/Adware.Virtumonde--2.09%

5 Win32/Adware.Virtumonde.FP--1.69%

6 Win32/Pacex.Gen--1.65%

7 Win32/Agent 1.53%

8 WIN32/Obfuscated.A1--1.33%

9 Win32/IRCBot.AAH--1.17%

10 Win32/PSW.OnLineGames.NLI--1.15

www.threatsense.net
COPYRIGHT 2008 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2008 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Security News and Products
Publication:Database and Network Journal
Date:Apr 1, 2008
Words:315
Previous Article:Unprecedented fraud and large fines highlight compliance requirements for unified communications.
Next Article:IBM cracks Web 2.0 security concerns with "SMash".
Topics:


Related Articles
INDIGO ROSE LAUNCHES AUTOPLAY MENU STUDIO 3.0.
Vector competence of selected North American Culex and Coquillettidia mosquitoes for West Nile virus. (Research).
Vector competence of California mosquitoes for West Nile virus. (Research).
M-Systems' Smart DiskOnKey platform now offers CD-R functionality with new autorun and read-only features.
Salmonella risk to tots from dust.
QUICK AND EASY AUTORUN FUNCTIONALITY FOR CD.
Adenovirus methods and protocols, 2d ed.; v.1.
BitDefender's top ten malware.

Terms of use | Privacy policy | Copyright © 2019 Farlex, Inc. | Feedback | For webmasters