Malicious Online Attacks Based on Autorun on An Increase
Further, according to the company, during the end week of October 2010, it came to know of an estimated 700,000 attacks against different PCs. Of these, a huge 13.5% accounted for attacks via a USB tool i.e. over 1 in every 8 infections occurred through USB devices.
Says the company that it has identified the malware as "INF:AutoRun-gen2 [Wrm]," that's a worm, which runs one .exe file that subsequently downloads various kinds of malicious programs on the PC being targeted. These programs make their duplicates and attach them onto Windows operating system, while also replicate during every booting of the PC.
Moreover, among the aggregate "INF:AutoRun-gen2 [Wrm]" assaults, on-access scans prevented 84% of the attack trials, AVAST observes. The malware came into notice when USB devices were first plugged in. The rest 16 per cent were detected while scanning the PCs' hard-drives.
Remarking about Autorun's capacity, Jan Sirmer analyst at the Virus Lab of AVAST stated that AuotRun was truly a worthwhile program; however, it was as well a means for disseminating over 66% of current malicious programs. Itpro.co.uk published Sirmer's statement on November 3, 2010.
Elsewhere Sirmer stated that malware attacks through USB devices were much more prevalent compared to merely the Stuxnet assaults against business PCs that too were disseminated through contaminated memory sticks. Softpedia.com published this on November 3, 2010.
Other anti-virus companies too reported similarly the AVAST's discoveries. Thus according to Kaspersky Lab, Conficker was most widespread a malicious program during October 2010. Importantly, this worm too contaminates PCs via memory sticks. Kaspersky outlined that in all, 86,141 PCs were contaminated with Conficker during October 2010.
Eventually, it's observed that AutoRun is now a massive threat, so much that a lot of security specialists suggest users to disable it completely, arguing that its advantages do not compensate for the risks. Moreover, the disabling is possible using free tools that as well let users to make their USB tools immune to the threat.
Related article: Malicious Scripts with Zero-byte Padding can Pass Undetected
» SPAMfighter News - 12-11-2010