Malware Hang on Infected Computers for Months

In a fresh alert to IT security managers and computer users, a new study by the security vendor 'Trend Micro' suggests that malware could hang on devices for several months or even years. This statement contradicts the usual assumption that malware exists for a short time period.

Formerly computed statistics indicate that a hijacked system stayed contaminated for about 6 weeks. Another analysis conducted over 100 Million hijacked IPs prompted Trend Micro to conclude that numerous IPs were infected once or several times for over 2 years, with an average period of infection being 300 days.

The company also said that 4 of five hijacked systems stayed infected for 30 days while its specialists concluded that in case computers were not cleaned off the infections fast then those infections could hang till the Internet connection was snapped from the systems or the latter were replaced entirety.

Additional analysis of botnets prompted Trend Micro to pinpoint Zeus/Zbot, Ilomo/Clampi and Koobface as the three malware samples responsible for most identity-theft instances.

For example, the Koobface network of bots amassed 51,000 computers, employing 5-6 command-and-control systems to regulate its zombie PCs at any point of time. In case a provider at any time withdrew a specific domain for control, then the bot accumulators would set up a fresh C&C center elsewhere. During mid-March to mid-August 2009, Trend Micro estimated that there were some 46 Koobface domains for control.

The frantically dubbed Koobface botnet had a revised mechanism of using relays and proxies that made the botnet almost impossible to be wiped out.

Meanwhile, Dave Rand, CTO of Trend Micro, alerted that the most vital issue for consideration was that the computers wouldn't get repaired automatically. Somebody had to scrutinize their activities at the level of network. Rand added that it was therefore necessary for enterprises to have improved network equipments, as reported by SCMagazine on September 16, 2009.

Ultimately, the specialists advised users to ensure that their systems ran all-inclusive scanning and remediation software together with anti-malware solutions for warding off attacks.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 10/6/2009