Microsoft Detects New Malware ‘Rimecud’
Microsoft released its January 2010 Microsoft Security Bulletin Summary during the 2nd week of January 2010.
The report states that Win32/Rimecud is the top malware item added to the Malicious Software Removal Tool (MSRT) during 2010.
However, this malware shares the characteristics of a virus group called Win32/Hamweq, which was added to MSRT during December 2009.
Marian Radu, Virus Researcher at Microsoft, states that both Win32/Rimecud and Win32/Hamweq might have originated from a common "father." This speculation, according to the researcher, is based on the common features the two worms display, as reported by Softpedia on January 13, 2010.
Radu further states that Win32/Rimecud spreads through P2P networks, removable and fixed drives, and instant messaging applications. Just like Hamweq, it also acts as a backdoor that gives its controller remote access to the infected computer. However, in comparison to Hamweq, the backdoor in Rimecud supports many more varied and advanced commands, giving the remote hacker greater control over the hijacked system.
Furthermore, Win32/Rimecud uses diverse types of obfuscated code. These, written in C/C++/Delphi/Visual Basic, are normally able to detect a virtual environment and employ anti-emulation tricks. Consequently, the malware becomes harder to spot, said the security researchers at Microsoft.
Moreover, Rimecud is similar to Hamweq in several other ways. It uses the Recycle Bin to drop its own copies and injects obfuscated code into the explorer.exe process.
The Microsoft researchers, underscoring the threats from computer viruses and malware purveyors, suggested that users install competent security software such as anti-spyware and anti-virus programs to ward off hackers. According to them, anti-spyware programs block and remove spyware, i.e. malware that gathers data from the infected computer, while anti-virus programs spot, block and eliminate PC viruses, trojans and worms.
In addition, the Microsoft security specialists recommended that end-users keep automatic updates enabled for the software on their systems and run a firewall. They should use a recently upgraded browser along with up-to-date security software so that the malicious acts of hackers and malware distributors can be thwarted.
» SPAMfighter News - 27-01-2010