Virus Dridex

published by Yildun Cloud Backup 2014-12-24
topic: Viruses

This new malware was discovered by Trend Micro. It spreads through spam e-mails carrying Word attachments that look like invoices or accounting documents but actually contain malicious macros. Its aim is to steal personal information, mainly banking data.

When you open the document, it asks you to enable macros in order to view the content. This is where social engineering comes in: the user can be deceived into enabling macros to see the document, and it is at that moment that the malware is downloaded.

Dridex monitors activity with certain banks (Bank of Scotland, Lloyds Bank, Danske Bank, Barclays, Kasikorn Bank and Santander); when you access one of them, the information is stolen.

Cryptolocker returns

published by Yildun Cloud Backup 2014-12-04
topic: Viruses

A few months ago we explained what the Cryptolocker virus is. Since yesterday afternoon we have been seeing a variation of this same virus.

This time it has become more sophisticated: the e-mail arrives personalized, with our first and last names, and refers to a package from Correos that could not be delivered.

The personalization makes it more credible, and many people have already downloaded this ransomware.

We have seen cases where machines were infected even with antivirus installed, and the owners were able to recover their information because they had Yildun Cloud Backup.

Types of threats

published by Yildun Cloud Backup 2014-11-17
topic: Viruses

Worm
It is a self-replicating program that does not infect files; its aim is to spread and affect a large number of computers. We can detect a worm on our system when, for example, system resources are consumed so that tasks do not run or run very slowly.

Trojan
It is malware that tricks the user by posing as a seemingly harmless program (e-mails, pictures, music ...) but, when run, creates a backdoor that gives the attacker remote access. It consists of two files: a client that sends orders and a server that executes them.

Logic Bomb
It is a piece of code in a program that remains hidden until it is triggered at a predetermined moment (a date, a command, an event).

Boot Virus
These viruses infect the boot sectors of CDs, DVDs, USB drives and hard drives, and even the disks' partition tables. They do not infect files; the virus is activated when the system starts, infecting the hard disk that contains it.

Social Engineering
It is a technique for obtaining information by manipulating the unsuspecting user. With the growth of e-mail, websites and social networks, it is increasingly common to find deceptions aimed at obtaining confidential data such as passwords, card numbers, etc. Some examples of this type of deception are phishing, chain e-mails, requests to renew access to a website, or even a phone call.

reference: www.slideshare.net/YildunCloudBackup/tipos-de-amenzas-informticas

Recycler Virus

published by Yildun Cloud Backup 2014-09-18
topic: Viruses

It is a virus that resides on USB memory sticks, causing loss of data or damage to the operating system. It is an annoying virus that comes in different infection versions.

Converts folders into shortcuts
When we try to access a folder that has been infected, we see it as a shortcut and cannot see its contents.

Infects the explorer.exe program
This is another type of infection: it creates autorun files on all drives, and it can also create registry entries so that it gets executed.

It is called Recycler because it stays in the operating system folder of the same name. It is normal to have such a folder on drive C:, but it is unusual to find this folder on USB drives or other removable media.
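The indicators described above can be checked at the top level of a removable drive. This is an added example, not code from the original post: the function names, the indicator labels and the shortcut heuristic (a `.lnk` file named after a folder next to it) are assumptions, and the sample layout is constructed from empty files.

```python
import os
import tempfile

def scan_removable_root(root):
    """Return (indicator, entry_name) pairs for the top level of a removable drive."""
    entries = sorted(os.scandir(root), key=lambda e: e.name.lower())
    folders = {e.name.lower() for e in entries if e.is_dir(follow_symlinks=False)}
    findings = []
    for e in entries:
        name = e.name.lower()
        if name == "autorun.inf" and e.is_file(follow_symlinks=False):
            # Autorun file at the drive root, as the post describes.
            findings.append(("autorun_file", e.name))
        elif name == "recycler" and e.is_dir(follow_symlinks=False):
            # Expected on C:, unusual on removable media.
            findings.append(("recycler_folder", e.name))
        elif name.endswith(".lnk") and name[:-4] in folders:
            # Assumed heuristic: a shortcut named after a folder beside it.
            findings.append(("shortcut_shadowing_folder", e.name))
    return findings

def build_constructed_sample(root):
    """Create a constructed (harmless, empty) layout that mimics the indicators."""
    os.mkdir(os.path.join(root, "RECYCLER"))
    os.mkdir(os.path.join(root, "Photos"))
    for name in ("autorun.inf", "Photos.lnk", "notes.txt"):
        open(os.path.join(root, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_constructed_sample(drive)
        for indicator, name in scan_removable_root(drive):
            print(f"{indicator}: {name}")
```

A finding is a reason to inspect the drive before opening anything on it, not proof of infection.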

Always remember that, to ensure the continuity of your data, it is desirable to have a backup system installed so that lost data can be recovered.

Virus throughout history

published by Yildun Cloud Backup 2014-09-08
topic: Viruses

Melissa [1999]
The virus spread via e-mail with a Word document, under the subject "Here is that document you asked for... don't show anyone else". It infected every file that was opened, deactivated options in the word processor and mailed itself onward.

I Love You [2000]
A virus that posed as a love letter with the subject "I Love You". When the attached file was opened, the worm infected the machine and forwarded itself to the Outlook address book.

Klez [2001]
Like the previous ones, it was transmitted by e-mail, infecting the machine and spreading to the contact list. Among its capabilities were invalidating the CPU and posing as an antivirus.

Code Red [2001]
This worm affected machines that ran IIS and lacked a Microsoft security patch; as a result, control over the machine was lost.

Nimda [2001]
It was one of the fastest to spread. It attacked the user's Internet connection to collapse network traffic and then take control of the machine.

Win32/Simile (Etap) [2002]
It was one of the first hybrid viruses (for both Linux and Windows). Simile was not aggressive, but it infected files and displayed messages on predetermined dates.

Frethem [2002]
It was a worm that spread via e-mail with the subject "Re: Your password!". It was very easy to become infected, because it was activated automatically by previewing the message in Outlook Express. It spread itself to the contact list.

SQL Slammer [2003]
It caused many servers to stop providing service, or a noticeable slowdown of the Web, because its targets were machines running Microsoft SQL Server.

MyDoom [2004]
This worm spread very quickly via e-mail. Depending on the network and system configuration, it could control the machine by creating a backdoor.

Leap-A/Oompa-A [2006]
A virus that affected Macs by attacking iChat, forwarding a JPEG image to the contact list.

Zhelatin, Nuwar or Peacomm [2006]
A Trojan that spread via e-mail with the subject "230 dead as storm batters Europe"; the main problem was that the attacker had remote control of the machine.

Dorkbot [2012]
This Trojan spread via Skype by sending false messages and ZIP files, so infection depended on whether the user opened them.
