Malware Vobfus When Contacts Other Malware Works Symbiotically, Downloading Each Other
According to Microsoft security, the malicious software -Win32/Vobfus behaves symbiotically vis-à-vis malware of any other kind, published infosecurity-us.com dated July 1, 2013.
It was in 2009 that the malicious program Vobfus started floating and continues to do so. It disseminates through detachable drives as also it chiefly pulls down other malicious programs onto contaminated PCs. Nevertheless, specialists at Microsoft's malware Protection Center lately discovered some more features of Vobfus that makes it still further intriguing.
The threat may creep into a PC via another malware that downloads it. This other malware usually is Trojan Beebone written with Visual Basic.
When Beebone contaminates any computer, it pulls down many other malware, like Sirefef, ZeuS, Cutwail and Fareit; however, during majority of instances, it pulls down Vobfus too.
Conversely, Vobfus too pulls down Beebone, therefore, there's this special "cyclical relationship" which experts describe among the two.
Hyun Choi, Security Researcher at Microsoft stated that the particular cyclical relationship that Vobfus shared with Beebone where the two pulled down each other explained as to what made Vobfus so easily resistant towards anti-viruses. Up-to-date anti-viruses might spot one malware affecting a computer, but malware freshly downloaded mightn't get spotted instantly. Infoworld.com published this dated July 1, 2013.
Choi elaborated that any self-updating malicious program, which typically solely updated itself, could get removed after it was spotted and when done, it couldn't pull down fresh variants of itself. However, when Vobfus was spotted and removed, the malware might've commonly already pulled down one unidentified Beebone variant that could in turn pull down one unidentified Vobfus sample, he added. Net-security.org published this dated July 1, 2013.
When data-sharing is done across a PC-network through detachable drives, Vobfus conveniently proliferates via its own replication onto any autorun.inf file that maybe inside the infected drive.
Besides, Choi concluded, since Beebone downloaded all its associated malicious programs, their cumulative side-effects existed on the infected systems.
End-users must be careful about clicking external web-links, as also maintain their browsers along with other software on their machines up-to-date towards aiding deterrence of software exploits that may also be done by turning off 'autorun' utility.
» SPAMfighter News - 06-07-2013