local virus attacks by using the
user mere negligence. But this one
virus has been 'first class' by
exploiting Windows vulnerabilities.
The presence of virus was
delivered by antivirus researchers
of Vaksincom, Alfons Tanujaya.
"He made a shortcut and exploit
vulnerabilities. Seldom local virus
exploits a security hole," said
Alfons to ITGazine, Thursday
(26/08/2010).
Adang Jauhar Taufik, antivirus
Vaksincom analyst, said the first
report of this virus came from the
city of Gorontalo on Sulawesi. The
spread of this virus is known via a
USB Flashdrive.
These viruses change the folder
that is in the USB stick into the
shortcut. Then, if a shortcut is
accessed virus will infect the
computer until the computer's
performance become poor.
In addition, Alfons said, this virus
to protect himself from the tool as
Security Task Manager or other
process killer application. If used,
the application could hang or die.
"Apparently, the virus makers pay
attention to virus eradication
articles Vaksincom often using
Security Task Manager. So if
cleared, he was prepare," said
Alfons.
Cracks are utilized by this virus is a
Microsoft Windows Shell shortcut
handling remote code execution
vulnerability, MS10-046. Microsoft
has provided a patch to patch
this vulnerability .
Norman Security Suite detects this
virus as W32/VBWorm.BEUA. For
its shortcut files identified as Trojan:
LNK / CplLnk.A and files. DLL
detected as W32/
Suspicious_Gen2.BTDDL.
Dr.Web Anti-virus detects the virus
as W32/HLLW.Autoruner.25850.
File shortcuts are recognized as the
Exploit.Cpllnk and files. DLL
detected as Win32.HLLW.VBNA.3.
Adang said the virus is created by
using Visual Basic language
program. Viruses with the size of
128 KB it thinks will have the
extensions EXE or SCR, as well as
Microsoft Visual Basic Project icon.
No comments:
Post a Comment