Data always plays an important role in business analysis and performance management. Various firms invest enormous amount of money in order to get there data secure. As per practical approach firm business executive access the available data in order to prepare report and prospectus for future goals. So it becomes vital for a firm to get aware about the future treats. In this article we have listed some common treats of year 2009, due to all these threats firms have suffered a lot in there business dealing.
The reason behind to publish this article is to get you aware, in meantime if such a treat occur you can get at least some information and correct approach to problem solving technique, virus info, direct link to problem solving site.
The chronological and bibliographical summary is listed in Article for your information and consideration.
Malware
- Worm.Mabezat.A
Origin : Saudhi Arabia
Number of Incidents : 381
Comment : Worm.Mabezat.A [PC Tools] is known to be created as: c:\zpharaoh.exe
Description : Mabezat is a worm that spreads through removable drives and network shares protected by weak passwords. It also creates and autorun.inf file under all the drives so that its executed whenever an user opens a drive through Windows Explorer.
Forum Discussion / Other Helpful Sites http://www.threatexpert.com/threats/worm-mabezat-a.html
http://www.antispyware.com/glossary_details.php?ID=134127
- Win32.Virut.Gen.5
Origin : Around 25 Nations including China
Number of Incidents: 66 in China
Comment : %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
Description : Nil
Forum Discussion / Other Helpful Sites
http://www.threatexpert.com/threats/win32-virut-gen-5.html
http://www.computerhope.com/forum/index.php?topic=83692.0
- Worm.AutoIT.V
Origin: U.K
Number of Incidents: 10
Comment: Nil
Description : Nil
Forum Discussion / Other Helpful Sites
http://www.threatexpert.com/threats/worm-autoit-v.html
- Trojan-PWS.Bancos
Origin: Un Known
Number of Incidents:
Comment: PWSteal.Bancos [Sophos] PWS-Banker.f [McAfee] TROJ_BANKER.EY [Trend] Trojan-Spy.Bancos Trojan-Spy.Win32.Banker.jj [Kaspersky] Win32.Formglieder.D [CA]
Description : Trojan.PWSteal.Bancos is a trojan that monitors and steals cached passwords that are stored by Microsoft Outlook. It also collects your financial information as you log on to certain predefined banking web sites.
Trojan-PSW.Bancos.PWN monitors users Internet usage to capture all login information on banking or financial websites and sends them back to the author of the trojan via email. It also hijacks banking websites by redirecting the users to a malicious website
Forum Discussion / Other Helpful Sites http://www.threatexpert.com/report.aspx?md5=b71ddb912622b652877628e639821042
http://www.pctools.com/mrc/infections/id/Trojan-PWS.Bancos/
http://www.computerhope.com/forum/index.php?topic=65923.15
- Worm.AutoRun!sd6
Origin: Un Known
Comment: A network-aware worm that attempts to replicate across the existing network(s)
Description: Worm.AutoRun!sd6 is a network-aware worm that attempts to replicate across the existing network.
Forum Discussion / Other Helpful Sites
http://web.eng.fiu.edu/zchen/paper/metric.pdf
http://www.threatexpert.com/report.aspx?md5=31f2f65002b3d06b6a3d306f988cae95
- Worm_swarley
Type : - Worm
Alias: worm_swarley.a
Risk : Moderate
Comment: A network-aware worm that attempts to replicate across the existing network(s)
Description: WORM_SWARLEY is a worm that arrives as an email attachment to mass-mailed email messages. This worm copies itself into the shared folders of peer-to-peer applications using differnt legal applications names. WORM_SWARLEY also drops copies of itself in all removable drives. It also drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed. WORM_SWARLEY then collects the target email addresses from files with the extensions .chm, .doc, .htm, .pdf, .tmp and .txt. It then uses its own SMTP engine to send email messages with a copy of itself as attachment to the email addressed it collected.
This memory-resident worm arrives as an attachment to mass-mailed email messages. When executed, it copies itself into shared folders of peer-to-peer networks bearing file names of popular applications to entice users into dowloading and executing or installing these files.
It also drops copies of itself in all physical and removable drives of the affected system, further enhancing the effectivity of its propagation routine for users sharing or accessing drives from other machines. Along with it is an AUTORUN.INF file that allows the copy's automatic execution once the removable of physical drive is accessed.
Forum Discussion / Other Helpful Sites
http://spyware.scanspyware.net/spyware-removal/worm_swarley.html
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=WORM_SWARLEY.A - TROJ_EMOGEN.BC
Type : - Trojan
Alias: No Alias Found
Risk : Low
Comment: This Trojan is bundled with a WinRAR installer that is downloaded from a malicious Web site. Once the installer is executed, a copy of this malware is dropped onto the affected system.
Platform: - Windows 98, ME, NT, 2000, XP, Server 2003
Description : - It makes changes to the Windows registry, one of which allows it to run at every system startup.
Forum Discussion / Other Helpful Sites
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=TROJ_EMOGEN.BC - WORM_WALEDAC.AS
Type : - Worm
Alias: No Alias Found
Risk : Low
Comment: It creates registry entries to enable its automatic execution at every system startup. It creates registry key(s)/entry(ies). It opens a random port(s).
Platform: - Windows 98, ME, NT, 2000, XP, Server 2003
Description : - This worm arrives as attachment to email messages spammed by another malware or a malicious user. It may be downloaded from certain remote sites. It may be downloaded a fake news Web site.
It gathers email adresses from the infected system and stores them in an encrypted file with .HTM or .PNG as its extension name. It then sends the file via HTTP POST several IP adresses.
Forum Discussion / Other Helpful Sites
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=WORM_WALEDAC.AS
- TROJ_FAKEAV.GDS
Type : - Trojan
Alias: No Alias Found
Risk : Low
Comment: It poses as an anti-spyware program, purportedly from Microsoft. It entices users to buy the fake program by presenting fake pop-up alerts and fake scans, saying that the affected system has malware.
Platform: - Windows XP, Server 2003
Description : - It also displays an icon on the system bar and a fake message alert. This fake alert pops up and warns the user about a fake infection of the system:
.
Forum Discussion / Other Helpful Sites
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=TROJ_FAKEAV.GDS
- Win32.Sality.AM.Gen
Type : - Trojan
Alias: No Alias Found
Risk : Low
Related definitions: W32.SillyFDC, W32.Yautoit, Mal/Sality-A, Virus.Win32.Sality.z, PE_SALITY.EK, PWS-Gamania.gen.a, Trojan.Win32.Delf.aam, New Win32, Virus.Win32.Sality.y, W32.Sality.AE, W32/Sality-AM, Trojan.Dropper, W32/Sality.af, W32/MoonLight.worm, PWS-Yahmali, PE_SALITY.M, Virus:Win32/Sality.AM, W32/Sality.ag.
Comments : - Checks registry records, Windows activity, captures surfing history to create matching popups
Floods Windows system with malicious trojan horses, adware and spyware files via browser security holes
Inactivates firewall and antivirus programs and transmits login names, passwords and sensitive banking records to outside hackers
Description : - Win32.Sality.AM.Gen is a mischievous malware program, a new part of the Sality family. Typically Win32.Sality.AM.Gen spreads through annoying email, schat rooms, news groups and corrupt freeware downloads. Once Win32.Sality.AM.Gen is inside the system, it will run in stealth mode and launch corrupt tskmgr.exe, regsvr.exe, svchost.exe files together witn annoying popups. Win32.Sality.AM.Gen is a aggresive that may download viruses, trojans, worms and steal secret personal data!
Forum Discussion / Other Helpful Sites
http://www.scanforfree.com/09/remove-win32-sality-am-gen.html
http://www.scanforfree.com/download/win32-sality-am-gen-remover.php
http://forum.avast.com/index.php?topic=38629.0
http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=163303#none
Other Related articles regarding Top Web Treats
About the Author
Edataindia provides Online product entry on OSCommerce – and offers services with high quality, time-bound and cost-effective Promotional Product Entry Services
Recent Comments