McAfee - Auto-Run Malware Infection on Rise
The report further reveals that in a span of 30 days in the second quarter of 2009, Auto-Run malware corrupted over 27 Million files. The detection rate crossed the most famous worm 'Conficker' by 400% that made the Auto-Run malware widely popular across the world.
McAfee security researchers also said that considering millions of computers online and detection of Auto-Run threats by security vendors, one can assess that the gravity of the problem. The packers and compliers used to create a large percentage of this malware family are now easily available in the market. They are the same tools that legitimate software producers employ.
Moreover, the security company said that it had observed astonishing surge in Auto-Run malware versions over the past few months. In spite of up and down, the overall trend shows upward movement.
According to the security experts, Auto-Run malware usually exploits Auto-Run capabilities of Windows and most often spread through storage devices and USB. Besides, Auto-Run feature gives an extra advantage to malware writers as it prevents a couple of clicks to execute the program.
Greg Day, Security Analyst at McAfee, said that Auto-Run technique resembled to methods used in those days when virus ridden floppy disks were used to corrupt computers. He warned users to switch off their Auto-Run function, as reported by v3 on July 29, 2009.
This feature of Window has revived the model of hand-carried malware transmission used in the 1980s. Famous families of this Trojan such as PWS-Gamania and PWS-OnlineGames which earlier required a user to click on executable now use Auto-Run technique to spread through removable drives. Virus families like W32/Virut and W32/Sality also use this attack vector.
Commenting on the issue, security researchers said that Microsoft had addressed many prevalent infection techniques in the past such as office macros, spreading through boot sectors, scripts and email clients. As the infection through Auto-Run is rising, Microsoft could make a huge difference to the world by fixing the exploited features.
Related article: McAfee Alerts Windows about Accessibility Hole in Vista
» SPAMfighter News - 14-08-2009