Interesting People mailing list archives
Warning on stealthy Windows virus
From: David Farber <dave () farber net>
Date: Mon, 14 Jan 2008 11:07:26 -0500
Begin forwarded message: From: dewayne () warpspeed com (Dewayne Hendricks) Date: January 13, 2008 10:29:04 PM EST To: Dewayne-Net Technology List <xyzzy () warpspeed com> Subject: [Dewayne-Net] Warning on stealthy Windows virus Warning on stealthy Windows virusSecurity experts are warning about a stealthy Windows virus that steals login details for online bank accounts.
<http://news.bbc.co.uk/2/hi/technology/7183008.stm>In the last month, the malicious program has racked up about 5,000 victims - most of whom are in Europe.
Many are falling victim via booby-trapped websites that use vulnerabilities in Microsoft's browser to install the attack code.
Experts say the virus is dangerous because it buries itself deep inside Windows to avoid detection.
Old tricksThe malicious program is a type of virus known as a rootkit and it tries to overwrite part of a computer's hard drive called the Master Boot Record (MBR).
This is where a computer looks when it is switched on for information about the operating system it will be running.
"If you can control the MBR, you can control the operating system and therefore the computer it resides on," wrote Elia Florio on security company Symantec's blog.
Mr Florio pointed out that many viruses dating from the days before Windows used the Master Boot Record to get a grip on a computer.
Once installed the virus, dubbed Mebroot by Symantec, usually downloads other malicious programs, such as keyloggers, to do the work of stealing confidential information.
Most of these associated programs lie in wait on a machine until its owner logs in to the online banking systems of one of more than 900 financial institutions.
[snip] ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Warning on stealthy Windows virus David Farber (Jan 14)