According to Kaspersky Lab, a relatively new computer worm called Kido is already displaying changes in the way its Trojan component works as compared to its earlier versions.
Some variants of the virus are identified as Net-Worm.Win32.Kido.iq and Net-Worm.Win32.Kido.ip. The main function of the latest variant is that it generates a remarkably large number of distinct domain names with which it downloads regular updates. Thus, the virus' new version produced and contacted 50,000 malicious data compared to 250 produced and contacted by the earlier versions.
Vietnam branch of Kaspersky Lab states that the first variant of the new virus made a serious impact on businesses in Vietnam as it deactivated feature-recovery arrangement, prevented access to protected websites and installed malware on an infected computer. Besides, the virus spreads very fast as well as is extremely difficult to annihilate.
Meanwhile, to detect the virus' infection, Kaspersky Lab has provided some clues to users, which can help them to identify when they are hit by the worm.
The company says that when files like RECYCLED\{SID<...>}\RANDOM_NAME.vmx and autorun.inf appear on USB flashes or within the local computer network, it means that there is a Kido infection. Further, the worm saves itself on the target computer as a 'Dynamic-link library' (DLL) file that may appear as c:\windows\system32\zorizr.dll, said Kaspersky.
Moreover, the security specialists state that the malware registers itself within system services using any name, for instance 'knqdgsm', and finally attempts to strike the PC through the network access point.
Thus, to remain protected from it, Kaspersky suggests that users should deploy the relevant security updates for their computers' operating system along with antivirus software with up-to-date signatures.
In addition, the specialists said that Kido first emerged on January 2, 2009 and since then, over 9 Million computers worldwide have been found affected with its infection. Also, since then, many security companies have been constantly tracing the roots of the virus and reporting its variants and the extent of their threat. Meanwhile, Kaspersky's analysis shows that the virus is mutating and rising in number.
No comments:
Post a Comment