Archive for the ‘Virus’ Category
On April 1, a worm named Conficker, which has already infected millions of machines around the world, is expected to do something bad, but nobody knows exactly what. Some experts fear that the army of infected machines could be ordered to launch a coordinated attack or send a deluge of spam. But a tool being published today could help lessen the impact by allowing large enterprises and institutions to rapidly weed out infected machines, scanning their networks for any signs of infection.
Analysis of the Conficker worm has already shown that infected computers will “phone home” on April 1 for a new set of instructions. It is already possible to check machines individually, but this is a relatively slow process. It is also possible to spot the infection just by listening to the communication on a network, but the latest version of Conficker is meant to stay silent until April 1.
Dan Kaminsky, director of penetration testing for the Seattle-based security company IOActive, contributed to the new scanning tool, and says infected machines can be identified by the way they appear to the wider network. This makes it quick and easy to root out the worm and does not require access to individual machines. “It’s like driving through a neighborhood searching for homes with big signs on their doors,” says Kaminsky.
The tool came out of an exchange between Kaminsky and Tillmann Werner and Felix Leder, members of the independent Honeynet Project, about research on Conficker. The pair discovered that the worm changes the way a machine appears on a network. Kaminsky picked up on this, suggesting that the researchers build a tool that uses this information to find infected machines. The researchers built the tool and worked over the weekend to get it ready for wide dissemination to other providers of security software. “Whoever has a vulnerability scanner at their company should have it by the end of the day,” says Kaminsky.
The legendary 29A virus programmer group is no more. According to a posting by long-time member Virusbuster on 29A’s web page, there is no longer any contact between group members. The last remaining member therefore decided, according to the posting, to dissolve the group. Activities ceased in July 2007, when several members left the group and only three virus experts remained.
Anti-virus specialists assume that one reason for the group’s downfall is the now almost complete commercialisation of the malware scene, which has driven some virus authors into the arms of organised crime. Virus authors and botnet operators are increasingly being sent to prison for their activities, which doesn’t exactly make belonging to such a group more attractive – even if they are only amateurs like 29A.
29A’s demo viruses tended to be pioneering because they demonstrated the feasibility of viruses for various operating systems and technologies. The group, whose name is hexadecimal for 666, was responsible for the Cabir smartphone virus, early viruses for Windows 2000, for the 64-bit versions of Windows and for NTFS Alternate Data Streams, as well as Win32.Winux, a malware sample for Windows and Linux. Their malware never contained malicious routines and only demonstrated distribution methods and infection vectors. In its active period, the group published several online magazines with articles about virus programming. However, group member Marek “Benny” Strihavka, among others, did end up in prison for one of the hacks.


