<kbd id='2545bbf3b0'></kbd><address id='2545bbf3b0'><style id='2545bbf3b0'></style></address><button id='2545bbf3b0'></button>

          Rusbiz Newsletter Easy, low cost incorporations. Click Here.
          HomeCategoriesArchiveAdvertisePrivacy StatementFeedbackAbout UsRusbiz Home
          Ezine for online business community
            
          SIGN UP
          to receive the ezine
          Your Name
          *:
          Your E-Mail*:

           
           
            BECOME A MEMBER of Rusbiz.com B2B portal for free! Members have access to a unique ecosystem of integrated and cost-effective business solutions.
          Register
           

          Send
           this newsletter
           to your friend
             
           Receiver's E-mail*: 
            
           Sender's Name*: 
            
             

           Network with like-minded business people.
          Ask business related questions.
          Help others in getting right answers.
          Use brand new Rusbiz forum to publicize your opinion.

          "Internet Success Private Site" has everything you need to succeed online! Click here for more information!

          Rusbiz Services

           The 10 Natural Laws of Successful Time and Life Management: Increase Productivity and Inner Peace
          Interactive Marketing Ezine: Your guide to generating online Success! Essential marketing methods and traffic-generating techniques! Plus: Weekly Free ads!
          www.vectorcentral.com
           
           
           

          computercourses1


          Magazines of America






           
           

          #79 [24.01.2007]
           

          Are You Protected from Storm Worm?

          By Nowshade Kabir ㏑usbiz.com

          Are You Protected from Storm Worm?

          A new Trojan named as "Storm Worm" has started to take the Internet by storm!This Trojan is responsible for over 17 percent of all emails generated in last couple of days and managed to infect over 1.6 million computers in first four days alone. Symantec Corporation claims that this is the biggest outbreak of a virus since sober.Ocame out in May of 2005.

          The virus emerged on January 18, Thursday when northern Europe was hammered by hurricane-force winds and heavy precipitation, killing 27 people and disrupting travel for tens of thousands. The storms were among the worse in years and naturally people were eager to know what was happening.Preying on people's curiosity and using tabloid like headline"230 dead as storm batters Europe" criminals dispatched hundreds of thousands of virus infected emails to unsuspecting users. The goal was to lure users into opening the emails and downloading attached files.

          Over the weekend there were six subsequent waves of the attack, with each email attempting to lure users into downloading an executable by promising a topical news story.The subject line of the emails carried one of the following headlines:

          • A killer at 11, he's free at 21 and kill again!
          • U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
          • British Muslims Genocide
          • Naked teens attack home director
          • 230 dead as storm batters Europe
          • Re: Your text
          • Radical Muslim drinking enemies's blood
          • Chinese missile shot down Russian satellite
          • Chinese missile shot down Russian aircraft
          • Chinese missile shot down USA satellite
          • Saddam Hussein alive!
          • Venezuelan leader: "Let's the War beginning"
          • Fidel Castro dead

          Some of the e-mail messages have also been changed to prey on the romantic types. Recent versions of these Trojan e-mails have contained subject lines such as"A Bouquet of Love","A Day in Bed Coupon", or"A Monkey Rose for You".

          The respective attachments with the Trojan horse malware have names like:

          • FullVideo.exe
          • Full Story.exe
          • Video.exe
          • Read More.exe
          • FullClip.exe
          • GreetingPostcard.exe
          • MoreHere.exe
          • FlashPostcard.exe
          • GreetingCard.exe
          • ClickHere.exe
          • ReadMore.exe
          • FlashPostcard.exe
          • FullNews.exe

          Our Services
          B2B Portal Deal Management
          E-commerceMarket Research
          Web MarketingAdd products to E-catalog
          Web StoresAdvertisement
          Web Design PackagesRead More...

          The "Storm worm" contains a very large number of diverse, small quantity modifications, which were released from numerous places at the same time and in a particular sequence. By distributing so many variants simultaneously, the virus distributors attempt to jeopardize the effectiveness of signature-based anti-virus engines so that AV programs become futile in safeguarding the computers. This is creating a real problem for Anti malware vendors. Even the latest updates of an antivirus program does not guarantee full protection from increasing number of new variants of this malware.

          Each of the antivirus vendors calls this Trojan by a different name. Symantec calls it "Trojan.Peacomm", McAfee calls it "Downloader-BAI.gen and ESET calls it "Win32/Fuclip.A Trojan".


          How it works

          Once a user downloads the attached to the infected email executable file, the program installs two .ini files, peers.ini and wincom32.ini, and a system file called wincom32.sys. This is the Trojan, and it creates a backdoor, a security hole, in the computer. This allows hackers to bypass security authentication and get remote access to the system and install a rootkit.A rootkitis aset of programs used to hack into a system and gain administrative-level access. Once a program has gained access, it can be used to monitor traffic and keystrokes; create a backdoor into the system for the hacker's to use; alter log files; attack other machines on the network; and modify existing system tools to avoid detection. Rootkits are an extreme form of System Modification Software.

          After getting installed the Trojan horse seeks out five downloadable files from other computers: TROJ_AGENT.JVH, TROJ_AGENT.JVI, TROJ_AGENT.JVJ, TROJ_DORF.AA, and WORM_NUWAR.CQ. When the Rootkit is installed the compromised machine becomes a zombie in a network called a botnet. Botnet is a jargon for a collection of software robots which run autonomously. A botnet's originator can control the group remotely, usually through a means such as IRC, and use it for malicious purposes.Most botnets used for malevolent intention are currently controlled through a central server. This server is relatively easy to deactivate once found, which in turn eliminates the botnet. However, this particular Trojan embeds a new type of botnet without any one centralized server and works more like a peer-to-peer network. The other uniqueness of this virus is its ability to infect Windows Vista.


          What is next?

          Over the coming days there would be more attacks. Apparently, the malware distributors are using the botnets to spread spam that is designed to jack up "pump and dump" penny stocks and various adware.


          How to safeguard your computer?

          If you take the following steps, your computer will be virtually safe from any similar virus attacks:

          • If you have not updated your Windows system with the latest Microsoft patches, do it
          • Get an Antivirus program and install it in your computer
          • Regularly update your Antivirus program
          • Get a firewall similar to Zonealarm or enable Windows XP's built-in firewall
          • Make sure that your email filter blocks all executable mail attachments
          • Scan your computer for viruses regularly

          What to do if you got infected anyway?

          If you got infected anyway do the followings:

          • If you are using Windows Me or XP, first disable System Restore
          • Update your antivirus program
          • Run a complete system check-up
          • Clean up the registry keys by navigating to
            HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wincom32
          • Delete the two.ini files mentioned earlier

          Don't become a victim! Take necessary precautions before culprits get hold of your computer.

          Discuss this article at our new forum



          How to Link to This Page?

          To link to this page from your website, simply cut and paste the following code to your web page.

          It will look like on your page as:

          Are You Protected from Storm Worm?

           
           
          Send
           
            
             

            RSS logo 
           #79 [24 Jan 2007]
          Are You Protected from Storm Worm?

           
           #78 [10 Nov 2006]
          Increase sales with eCommerce 2.0

           
           #77 [15 Oct 2006]
          Web 2.0 in eCommerce

           
           #76 [15 Sep 2006]
          How to Use Internet in Your Export Business

           
           #75 [20 Aug 2006]
          Six Reasons to Use a B2B Marketplace

           
           
          Archive



          Categories
          Internet Business Ideas
          E-business Development and Implementation
          Internet Viruses and Scams
          Online Promotion and Marketing
          Business Management & Enterprise Applications
          Motivational and Personal Development
          Web Experience Enhancement



          Related Articles
          Are You Protected from Storm Worm?
          Protect Your Computer from Latest Virus
          Beware of Spyware
          Be Aware of Phishing Scams!
          "MyDoom" virus and how to protect your computer from it

           
          Peter Bain Forex Trading Video Course

          Tel3 Prepaid International Long Distance Calling

           
               
          About the author
          Nowshade Kabir is the founder, primary developer and present CEO of Rusbiz.com. A Ph. D. in Information Technology, he has wide experience in Business Consulting, International Trade and Web Marketing. Rusbiz is a Global B2B Emarketplace with solutions to start and run online business. Click here to contact him.