Mobler computer worm

Security firm F-Secure has warned that a "ancient" computer worm called Mobler has appeared again and spread on the Internet.

Once infected on the system, the Mobler worm copies a copy of it to all the system's writable storage devices such as floppy disks, USB memory sticks and some other folders on the hard drive.

Therefore, one of the signs to identify a Mobler worm system is that the floppy drive automatically activates even if there is no disk in the drive.

However, this worm needs to have the impact of users, it will begin to promote its disastrous ability.

The Mobler worm also hides itself in the Windows directory and can host a denial-of-service attack. The first victim of this denial-of-service attack is the Bina Sarana Informatika website.

Not only that, every time a copy of it is copied to another place, it is renamed to avoid being detected. Even the files in the infected folder will be renamed.

The Mobler worm released some files to the Windows System folder such as autorun.inf , black.app , black.html , black.ico , black.jpg , black.txt , makesis.exe and system.exe . Also in this folder, the Mobler worm will create some compressed files such as Black_Symbian.SIS and Black_Symbian.PKG .

Once infected on your computer system, the worm Mobler also disables the Windows Task Manager and Registry tools, Folder Options and Search or the ability to block some application files from being started by RUN .

Security vendor warns users not to open messages with attachments and unknown sources or run any suspicious software on storage devices such as USB sticks or floppy disks.

Trang Dung