请选择 进入手机版 | 继续访问电脑版
 Forgot your password
 Join Free
Global B2B Marketplace Home News View content

Password-Stealing 'Dorkbot' Worm Prowling Indian Cyberspace: CERT-In

2/3/2016 09:28| announcer: gaoduanba| View: 271| comment: 0

Summary: Cyber-security sleuths have alerted Indian Internet users against the malicious activity of an online virus called 'dorkbot' which perpetrates itself through social networking sites and steals sensi ...
Password-Stealing 'Dorkbot' Worm Prowling Indian Cyberspace: CERT-In

Cyber-security sleuths have alerted Indian Internet users against the malicious activity of an online virus called 'dorkbot' which perpetrates itself through social networking sites and steals sensitive personal data and passwords of a user.

The malware, a variant of online virus and worm, has been specifically seen affecting operating systems running on Windows in the recent past.

"It has been observed that the variants of malware named as 'dorkbot' targeting windows operating systems, are spreading.

"The malware belongs to the family of worms having backdoor functionality and spreads through various vectors including drive-by-download attacks, social networking sites and compromised websites with browser exploits via removable drives in the form of auto-run exploits or by means of malicious links in instant messaging chats or Internet relay chats," a latest advisory issued by the Computer Emergency Response Team of India (CERT-In) said.

The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

The deadly virus, with almost a dozen aliases, is capable of stealing sensitive information from infected machine including stored passwords, browser data, cookies and has a smart and lethal potential to take complete control of the affected system, it said.

The cyber-security agency said the malware can hide itself by over-writing, can collect system information such as OS (operating system) information, user privileges and apps installed on the system and can act to aid remote access of the infected machine to an attacker.

It destructs and infects a system by acquiring fake identities of Facebook, Skype or any other social media platform and lowers its immunity against a potential virus attack.

"To hide itself from detecting by anti-virus solutions, the malware injects its code into files like cmd.exe, ipconfig.exe, regedit.exe, regsvr32.exe, rundll32.exe, verclsid.exe and explorer.exe," the advisory said.

Download the Gadgets 360 app for Android and iOS to stay up to date with the latest tech news, product reviews, and exclusive deals on the popular mobiles.

Tags: Cyber security, Dorkbot, Internet
Flowers
Flowers
Handshake
Handshake
Shoking
Shoking
Pass by
Pass by
Egg
Egg