Appears IM virus capable of encryption

Security firms, yesterday (2/5), warned users about a new worm that spreads through an instant messaging network (IM). The goal of this computer worm

Picture 1 of Appears IM virus capable of encryption
Security firms, yesterday (2/5), warned users about a new worm that spreads through an instant messaging network (IM).

The goal of this computer worm "cultivates" bot systems - also known as a system of PCs that are hacked by hackers to take control.

Nagache.a - by the name of McAfee and Symantec - is distributed primarily through AIM instant messaging (America online Instant Messaging) and MSN Messenger, via email system and peer-to-peer sharing.

At the same time, the worm also installs on a system infected with a 'drive-by download' - an application that allows malware to load everything onto the system without users' knowledge - if the PC system of Users have not installed the patches carefully.

The main goal of the Nagache.a worm is to install a 'bot' - a control unit - that helps communicate with the operator.

However, unlike most bots that are currently controlled through IRC channels, the bot installed by Nagache.a worm is controlled via peer-to-peer networks. Information transferred between the bot system and the operator is also encrypted or at least unreadable.

The commands and control channels used here are very special. Peer control and control command channels make it difficult to lock down commands sent to bots or data back and forth, helping them to bypass intrusion detection systems.

This is really a new challenge for the research specialists in clue to control the bot system.

Although AOL has been blocking certain IP addresses that spread viruses, many systems have been found to be infected with the virus.

Hoang Dung

Update 12 December 2018
« PREV
NEXT »
Category

Technology

Life

Discover science

Medicine - Health

Event

Entertainment