📑 Table of Contents

Virut is a cybercrime malware botnet, operating at least since 2006, and one of the major botnets and malware distributors on the Internet. In January 2013, its operations were disrupted by the Polish organization Naukowa i Akademicka Sieć Komputerowa.

Characteristics

edit

Virut is a malware botnet that is known to be used for cybercrime activities such as DDoS attacks, spam (in collaboration with the Waledac botnet[1]), fraud, data theft, and pay-per-install activities.[2][3][4] It spreads through executable file infection (through infected USB sticks and other media), and more recently, through compromised HTML files (thus infecting vulnerable browsers visiting compromised websites).[2][5] It has infected computers associated with at least 890,000 IP addresses in Poland.[2] In 2012, Symantec estimated that the botnet had control of over 300,000 computers worldwide, primarily in Egypt, Pakistan and Southeast Asia (including India).[2][3] A Kaspersky report listed Virut as the fifth-most widespread threat in the third quarter of 2012, responsible for 5.5% of computer infections.[2][6]

History

edit

The Virut botnet has been active since at least 2006.[2]

On 17 January 2013, Polish research and development organization, data networks operator, and the operator of the Polish ".pl" top-level domain registry, Naukowa i Akademicka Sieć Komputerowa (NASK), took over twenty three domains used by Virut to attempt to shut it down.[2] A NASK spokesperson stated that it was the first time NASK engaged in such an operation (taking over domains), owing to the major threat that the Virut botnet posed to the Internet.[5] It is likely Virut will not be shut down completely, as some of its control servers are located at Russian ".ru" top-level domain name registrars outside the reach of the Polish NASK.[4] Further, the botnet is able to look up alternate backup hosts, enabling the criminals operating it to reestablish control over the network.[4]

See also

edit

References

edit
  1. ^ "Waledac Malware Could Send 3.6 Billion Spam Emails per Day from Infected PCs - Softpedia". News.softpedia.com. 15 January 2013. Retrieved 19 January 2013.
  2. ^ a b c d e f g "CERT Polska » Blog Archive » NASK shuts down dangerous Virut botnet domains". Cert.pl. Archived from the original on 21 January 2013. Retrieved 19 January 2013.
  3. ^ a b "Snapshot of Virut Botnet After Interruption | Symantec Connect Community". Symantec.com. 7 January 2013. Retrieved 19 January 2013.
  4. ^ a b c "Polish Takedown Targets 'Virut' Botnet — Krebs on Security". Krebsonsecurity.com. 7 January 2013. Retrieved 19 January 2013.
  5. ^ a b "•• Przejęto niebezpieczne domeny botnetu Virut | NASK odnosi sukces w walce z cyberzagrożeniami |". Komputerswiat.pl. 8 February 1972. Retrieved 19 January 2013.
  6. ^ "Kaspersky Security Bulletin 2012. The overall statistics for 2012". Securelist. 10 December 2012. Retrieved 19 May 2020.

📚 Artikel Terkait di Wikipedia

Polymorphic engine

polymorphic, it is also known as a polymorphic packer. The engine of the Virut botnet is an example of a polymorphic engine. "The most polymorphic virus

Polymorphic code

software. A common and very virulent polymorphic virus is the file infecter Virut. Metamorphic code Self-modifying code Alphanumeric shellcode Shellcode Obfuscated

List of SEA Games medalists in athletics

Majid (MAS) 2001 Kuala Lumpur  Jirachai Linglom (THA)  Nguyễn Bảo Huy (VIE)  Virut Sarat (THA) 2003 Hanoi  Apisit Kuttiyawan (THA)  Nguyễn Bảo Huy (VIE)  Jirachai

Athletics at the 2001 SEA Games

hurdles Jirachai Linglom  Thailand 50.63 Nguyễn Bảo Huy  Vietnam 51.56 NR Virut Sarat  Thailand 52.04 3000 metres steeplechase Eduardo Buenavista  Philippines