CPE: McAfee AudioParasitic: Episode 16:W32/Virut family Parasitic
length: 00:21:42
In the last couple of weeks/months: increase of Virut
Family
Bot: classified as worm
Trojan: has its own entity
Parasitic infector: basically go out to append or prepend
on existing file on target victim host
Basically parasitic will infect an existing file as
oppose to dropping/loading, which is the behavior or Bot or Trojan.
We really have not see for a while these parasitic –
interestingly it’s coming back.
The difficulty of repair probably is the most interesting
part to write…
-
People do not realize how destructive parasitic are
-
It can take a day,week, months of man time to
clean
-
Also most of the time the virus is not properly
QA’d, the result after cleaning it leave a lot of corrupted file
Parasitic infector are really destructive piece of code
by nature
Also the same is polymorphic
And has IRC functionality – Virut family is common
The main way of infection:
-
Unsafe browsing
-
Get into network together with another part of
download
posted by omarg at
7:22 PM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home