Three-pronged Trojan Attack Threatens Security on the Internet
Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names of a modern day version of The Three Musketeers. These are Trojans engineered for a hacker attack that will infect computers and open them for use in further attacks.

"Combating computer viruses is essentially a game of hide and seek," says Govind Rammurthy, CEO, MicroWorld Technologies, among the leading Security Solutions providers. "Hackers riding piggyback on viruses have only a short window of opportunity to maximize their gain before the viruses are detected, neutralized and logged into Virus Definition databases, 'vaccinating' the system against those strains. Without continuing system vulnerability caused by virus infection there is little they can do to further their malicious ends like stealing personal information, credit card details and other sensitive and vital data. To achieve their ends they need to keep the system vulnerability going for more time. This co-ordinated Trojan threat is an attempt to keep that 'backdoor' open, essentially buying time," he concludes.

Of the three, Glieder leads the initial charge. It sneaks past anti-virus protection to download and execute files from a long, hard-coded list of URLs and "plant" the infected machine with "hooks" for future use. On Windows 2000 and Windows XP machines, it attempts to stop and disable the Internet Connection Firewall and the Security Center service (introduced with Windows XP Service Pack 2). Then the Trojan accesses the URL list to download Fantibag. The way is now paved to launch the second stage of the attack.

Sulabh, a tester with MicroWorld Technologies, says of Fantibag, "Now Fantibag goes about attacking the networking feature of the infected system to prevent it from communicating with anti-virus firms and to deny access to the Microsoft Windows Update site. It closes your escape route by making it impossible to download an anti-virus solution and any subsequent Windows security patch to your system. Effectively it helps Mitglieder (the third stage Trojan) open the 'backdoor' by shutting the other doors on you."

Mitglieder puts the system under the complete control of the attacker by opening a 'backdoor' on a port. Through it the attacker can update the Trojan to stay a step ahead of attempts to remove it, download and execute files (including via a URL), execute files on the infected computer, and start an SMTP server to relay spam.

"This is what makes it scary," says Aarti, Assistant Manager, QA, MicroWorld Technologies. "The fact that the system can now be used as a remote controlled 'soldier' (bot) in an army (botnet) of similarly compromised machines to launch criminally motivated attacks, causing harm to Internet users."

Botnets thus formed can, among other things, use your machine to:

- launch Distributed Denial of Service attacks, which overload servers and make them crash;
- send out spam;
- spread new malware;
- plant keyloggers to retrieve your personal information such as identity, passwords and account numbers;
- install spyware;
- manipulate online polls and games;
- abuse programs like Google AdSense to cheat advertisers of revenue;
- install advertisement add-ons for financial gain, as in fake websites advertising services that don't exist.

"Botnets can even encompass over 50,000 host machines. The potential for mischief is huge," reflects Govind Rammurthy. "Such a three-pronged Trojan attack where attackers change their virus code and release viruses quickly to bypass virus signature scanners, then disable network access to deny the user link-ups to anti-virus and Microsoft Windows Update site for protection has huge significance for virus-signature based protection. It is a sign of things to come," he says, remembering the scramble at MicroWorld labs to update their products to detect and remove the three Trojans.

Anti-virus updates for the three-pronged Trojan threat are available at the MicroWorld Technologies site.

Maybe the time for worrying about some pimply teenager turning out malicious code because they have nothing better to do on a nice sunny morning is over. The world could be facing a determined organized crime syndicate who'll stop at nothing to get what they want - information precious to you.

MicroWorld Technologies is one of the leading solution providers for Information Technology, Content Security and Communications Software. MicroWorld has established itself as a leader in providing content security, anti-virus and corporate communications software solutions.
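The three stages described above leave an ordered trail on an infected host: protection services disabled, then update and anti-virus sites unreachable, then a new listener or outbound SMTP. The Python example below is added here and is not MicroWorld's detection logic; it correlates those symptoms per host so that a lone, common event (one failed update check) is not flagged while the full chain is. The log schema, host names, event names and the one-hour window are constructed assumptions; only `SharedAccess` (Internet Connection Firewall) and `wscsvc` (Security Center) are real Windows XP service names.

```python
from datetime import datetime, timedelta

# Constructed, normalized telemetry (not a real product's log format):
# timestamp|host|event|detail
SAMPLE = """\
2005-06-01T09:00:05|ws-14|service_disabled|SharedAccess
2005-06-01T09:00:07|ws-14|service_disabled|wscsvc
2005-06-01T09:03:40|ws-14|update_unreachable|windowsupdate
2005-06-01T09:04:02|ws-14|update_unreachable|av-vendor
2005-06-01T09:10:11|ws-14|new_listener|tcp
2005-06-01T09:12:30|ws-14|outbound_smtp|workstation
2005-06-01T10:00:00|ws-22|service_disabled|wscsvc
2005-06-01T11:30:00|ws-31|update_unreachable|windowsupdate
"""

# Stage order follows the article: Glieder, Fantibag, Mitglieder.
STAGES = [
    ("protection_disabled", {"service_disabled"}),
    ("updates_blocked", {"update_unreachable"}),
    ("backdoor_or_relay", {"new_listener", "outbound_smtp"}),
]
WINDOW = timedelta(hours=1)  # assumed correlation window

def parse(text):
    """Yield (timestamp, host, event, detail); skip malformed lines."""
    for line in text.splitlines():
        parts = line.strip().split("|")
        if len(parts) == 4:
            ts, host, event, detail = parts
            yield datetime.fromisoformat(ts), host, event, detail

def triage(text):
    """Return {host: [stage names reached, in order, within WINDOW]}."""
    chains = {}
    for ts, host, event, _ in sorted(parse(text)):
        start, reached = chains.get(host, (None, []))
        if start is not None and ts - start > WINDOW:
            start, reached = None, []      # stale chain: start over
        nxt = len(reached)
        if nxt < len(STAGES) and event in STAGES[nxt][1]:
            start = start or ts            # chain begins at stage one
            reached = reached + [STAGES[nxt][0]]
        chains[host] = (start, reached)
    return {host: reached for host, (_, reached) in chains.items()}

def verdict(stages):
    """Map the number of stages reached to a response priority."""
    return {0: "clean", 1: "watch", 2: "investigate"}.get(len(stages), "isolate")
```
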
© 2006