Forum latest

Of trojans, rootkits, mass mailings and the need to stay updated!
Written by Daniel   
Tuesday, 24 October 2006 11:28
Mutating Email Bugs Swarm
Dark Reading

OCTOBER 23, 2006 | Two resurgent email-borne exploits have been hitting users particularly hard over the last week, and researchers say the uptick could get worse.

Stration.DS, a variant of a mass-mailing virus that was first spotted last month, is reproducing at alarming rates, according to researchers. Security vendor Fortinet says it has killed more than 350,000 instances today alone -- more than three times as many as it stopped on Friday; email security vendor Postini confirmed that estimate, saying it has slapped the virus down more than 363,000 times in the last 24 hours.

Separately, Panda Software says it has spotted several variants of the Haxdoor Trojan -- a rootkit exploit that often uses email to steal confidential user information -- over the last seven days. Like Stration, Haxdoor is not new, but appears to be re-emerging in a particularly virulent strain.

Stration, which first appeared in August, is morphing at a breakneck pace. Fortinet has spotted dozens of major variants in the last two months, and the most recent major variant, Stration.DS, has given birth to 495 minor variants since Oct. 18, according to Bryan Lu, an antivirus researcher at Fortinet.

Stration's secret, Lu explains, is it uses previously-infected machines as the launch point for new variants of the virus. With each variant, the virus has a larger base of machines to launch from, and can therefore multiply at a greater rate. Stration.DS also does a better job of concealing itself than previous mass mailer viruses, often hiding as an extension rather than as an obvious executable file, he adds.

"It will probably continue to proliferate at its current rate until more people update their antivirus software and it has a smaller base of machines to launch from," Lu says. "When most people have their antivirus products upgraded, we'll start to see the numbers go down."


See also

None found.

Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either