Rootkit Podnuha – A Potent Threat to Computer Security

According to the security company PC Tools, a new version of the Podnuha rootkit, "Podnuha!sd6", was detected during the third week of June 2009, as reported by ThreatExpert.

A rootkit is software made up of one or more programs whose purpose is to conceal the fact that a computer has been hijacked, or to make the compromise difficult to recognize.

Security specialists say that Podnuha prevents a user from accessing antivirus websites and from starting antivirus software already installed on the computer.

Specialists also explain that the Podnuha rootkit normally gets onto systems through software vulnerabilities, malicious scripts on certain adult websites, malicious e-mail attachments, or unprotected shareware.

Once installed on the computer, the rootkit first and foremost lets an attacker take remote control of the infected PC and thereby gain access to sensitive personal data saved on the machine's hard drive, such as banking credentials and passwords.

In addition, Podnuha downloads adware and additional malware onto the targeted system, encouraging the user to install bogus antivirus software or prompting him to visit porn-related websites. Overall, a successfully infected computer normally becomes slower and suffers blue screens or sudden reboots.

Security experts note that the Podnuha rootkit is also known as Rootkit.Win32.Podnuha.buc (Kaspersky), Mal/Generic-A (Sophos), W32/Rootkit.AEHY (Norman), High Risk Worm (Prevx1), Generic malware (Panda), Boaxxe.dll (McAfee), and Trojan.BHO.Gen (Sunbelt).

The five countries with the most Podnuha infections are the US (46,359), China (43,953), Japan (28,005), India (22,534) and Brazil (19,097). Other countries, such as the UK, France, Germany, Italy and Russia, also have infections.

Security researchers state that the Podnuha rootkit can be removed manually, provided the user has the skill to handle processes, program files and registry entries. The files that should be deleted from an infected machine include dmconfigb.dll, advpac.dll, auth.dll and cfgmgr3.dll, amongst others.

Nevertheless, users should exercise caution while surfing the Web, keep system software up to date, and install suitable antivirus programs to stay protected.
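For the manual check described above, the following added example (not code from PC Tools or the original article) lists files whose names match the four DLLs the article names, with size and SHA-256 so each hit can be verified before anything is removed. The function names and the default scan directory are assumptions, and the name list is incomplete because the article itself says "amongst others".

```python
import hashlib
import os
import sys

# File names the article lists for manual removal (not an exhaustive list).
PODNUHA_FILE_NAMES = {"dmconfigb.dll", "advpac.dll", "auth.dll", "cfgmgr3.dll"}


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks; return None if it cannot be read."""
    digest = hashlib.sha256()
    try:
        with open(path, "rb") as handle:
            for chunk in iter(lambda: handle.read(chunk_size), b""):
                digest.update(chunk)
    except OSError:
        return None  # file is locked or access is denied
    return digest.hexdigest()


def find_candidates(root):
    """Walk `root` and return sorted (path, size, sha256) tuples for name matches.

    Read-only: nothing is deleted or modified.
    """
    hits = []
    # onerror skips unreadable directories instead of aborting the walk
    for folder, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            # Windows file names are case-insensitive, so compare in lower case
            if name.lower() in PODNUHA_FILE_NAMES:
                path = os.path.join(folder, name)
                try:
                    size = os.path.getsize(path)
                except OSError:
                    size = None
                hits.append((path, size, sha256_of(path)))
    return sorted(hits)


if __name__ == "__main__":
    # Assumed default scan root; pass another directory as the first argument.
    scan_root = sys.argv[1] if len(sys.argv) > 1 else r"C:\Windows\System32"
    for path, size, digest in find_candidates(scan_root):
        print(f"{path}\t{size}\t{digest or 'unreadable'}")
```

A name match is only a lead: unrelated software can ship a file with the same name, so check the hash against an antivirus vendor's detection before deleting. Because a rootkit can hide its files from the running system, an empty result does not show the machine is clean.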

Related article: Rootkits Can Be Detected And Eradicated

» SPAMfighter News - 8/3/2009
