- Do not use an account with administrative privileges for normal day-to-day activities and web browsing – accounts with lower privileges warn you if a program tries to install software or modify computer settings thus allowing you to decide whether the proposed action is safe.
- Ensure that your operating system and application software is up-to-date – many of the patches issued are to patch security vulnerabilities, the quicker these are patched the lower the risk that your computer can be compromised through known vulnerabilities where fixes are available. This should include up-to-date anti-malware software.
- Take care when downloading and installing software, if it is free or is not from a well-recognised and trustworthy brand there is a risk that the software may include features that spy on you (the user), enable unsolicited advertising or install harmful software on your computer.
- Treat with caution unsolicited emails containing attachments or hyperlinks (particularly shortened links), many phishing attacks attempt to trick you into opening a file loaded with malware or to visit a site which runs malicious scripts on your computer
- Apply common sense (due diligence), if an email offer looks too good to be true, the prices on a website are abnormally low or you receive an unsolicited telephone call offering computer support – e.g. from someone claiming to be from Microsoft – then it is likely that you are the target of a scam.
The Vobfus virus is good at infecting all the machines on the same network, say researchers
Two computer viruses that collaborate are proving hard to clean from infected PCs, Microsoft research suggests.
The pair of viruses foil removal by regularly downloading updated versions of their malware partner.
The novel versions are usually unknown to anti-virus programs which let the malicious programs persist.
Once present on a PC, the viruses let thieves take over a machine so it can be mined for saleable data or used to send spam or to attack other machines.
The close relationship between the two viruses was revealed in a blogpost by Microsoft malware research Hyun Choi.
Mr Choi said that the two Windows viruses, known as Vobfus and Beebone, were regularly found together. Vobfus was typically the first to arrive on a machine, he said, and used different tactics to infect victims. Vobfus could be installed via booby-trapped links on websites, travel via network links to other machines or lurk on USB drives and infect machines they are plugged into.
Once installed, Vobfus downloaded Beebone which enrolled the machine into a botnet – a large network of infected machines.
After this, said Mr Choi, the two start to work together to regularly download new versions of their partner in cybercrime.
This, he said, was a powerful mechanism that helped it keep a foothold on infected machines.
“In the case with Vobfus, even if it is detected and remediated, it could have downloaded an undetected Beebone which can in turn download an undetected variant of Vobfus,” he said.
“The two threat families are intrinsically related,” wrote Mr Choi, adding that the “cyclical relationship” had helped Vobfus become a persistent problem since 2009 when it first appeared.
Defeating the two viruses was tricky, he said, because Vobfus was so good at travelling via networks. As well as keeping software up to date he recommended disabling the “autorun” feature on Windows machines as Vobfus exploits this when it arrives via USB drives. In addition, he said, people should be wary of clicking links on external websites to avoid falling victim to booby-trapped URLs.
From the BBC Website Click Here for Full Story