Tag: worm
-
VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week
First discovered at the beginning of the year, the Spora ransomware has become one of of the most prominent ransomware families of 2017, especially in Russia, a region it appears to target. Spora exhibited worm-like behaviour months before the appearance of WannaCry, using .LNK files, a technique previously used by other malware. (Spora’s implementation is…
-
VB2017 video: Spora: the saga continues a.k.a. how to ruin your research in a week
First discovered at the beginning of the year, the Spora ransomware has become one of of the most prominent ransomware families of 2017, especially in Russia, a region it appears to target. Spora exhibited worm-like behaviour months before the appearance of WannaCry, using .LNK files, a technique previously used by other malware. (Spora’s implementation is…
-
Stuxnet infected Natanz plant via carefully selected targets rather than escape from it
Five initial victims of infamous worm named. Today, as Wired journalist Kim Zetter publishes her book Countdown to Zero Day on Stuxnet, researchers from Kaspersky and Symantec published blog posts that shine a light on how the malware spread to its likely target, the Natanz plant in Iran, and to hundreds of thousands of other…
-
Paper: Learning about Bflient through sample analysis
Flexible module-handling mechanism allows malware to adjust functionalities at will. The history of the ‘Bflient’ worm goes back to the discovery of its first variants in June 2010. The malware was created using the ‘ButterFly Flooder’ toolkit, which is an update to ‘ButterFly Bot’ – made (in)famous because it was used to create the Mariposa…
-
Flame worm one of the most complex threats ever discovered
Malware possibly used for cyber-espionage. The jury is out on whether ‘Flame’ (also known as ‘Flamer’ or ‘Skywiper’) is ‘the most lethal cyberweapon to date’ as some have claimed , or just a highly complex and sophisticated piece of malware. But simply from looking at the volume of security vendors’ blog posts dedicated to the…
-
Contract spam serving malware
Recipients made to believe they have been sent emails accidentally. In a new campaign, spammers are sending out emails that have appear to have contracts attached to them, but which actually serve malware, Sophos ‘s Graham Cluley reports. The emails, which are still being sent at the time of writing, have subject lines suggesting that…
-
Worm targets MS08-067 vulnerability
Exploit attack patches flaw once system penetrated. A worm has been seen taking advantage of the vulnerability in Microsoft ‘s Windows Server Service , patched out-of-cycle last month in the MS08-067 announcement. The worm takes advantage of machines yet to be patched by tardy administrators, and once it is installed it proceeds to patch the…
-
Microsoft issues emergency patch
Out-of-cycle update fixes serious, wormable flaw. Microsoft has issued an emergency update to cover a serious vulnerability in the Windows Server service, breaking its usual monthly ‘Patch Tuesday’ cycle of security fixes. The flaw was considered serious enough to merit an urgent patch release, although Microsoft will only confirm having seen the usual ‘limited, targeted’…
-
Trojan-to-worm automation tool spotted
GUI gizmo adds extra spreading menace to any malware. Researchers at Panda have discovered a simple and colourful graphical application designed to add basic worm techniques to trojans, giving any piece of malicious code the ability to spread itself across networks. The tool, dubbed ‘Constructor/wormer’ by Panda , also allows a number of advanced options…
-
Google Groups and Blogspot used to serve malware
Company finds own IP address to be serving most malware. Malware writers have created thousands of Google Groups with the sole purpose of serving malware, Sunbelt reports . On the Groups pages, visitors are shown several images with explicit pornography, as well as what looks like an embedded YouTube video. However, when clicking on the…