diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


June 2011 of MSRT Added ‘Win32/Nuqel, Win32/Yimfoca and Win32/Rorpian’ to Its Detection

June 2011 MSRT release, added three new threat families to the detection capability.

One is Win32/Nuqel – “over 60 variants of Win32/Nuqel have been identified in the wild. This worm spreads itself via network shares, removable drives and instant messenger programs. These combined spreading methods make it very efficient in propagating, and it has gained prevalence lately,” revealed MMPC.

“Aside of the typical Autorun behavior, which’ll only provide a shrinking value to malware authors, Nuqel employs a disguise to fool victims. When infecting a machine with shared network drives, Nuqel copies itself to the folders on the network share with the name and icon of a folder. If the user clicks the icon, the worm will be activated.”

“If you don’t have any folder or file shared, Win32/Nuqel will create one for you as <Root Drive>\New Folder.exe, which’s another copy of itself,” MMPC stated.

“The other two threat families added are “Win32/Yimfoca” and “Win32/Rorpian,” both of which are also high-profile worms with several payloads and are also gaining prevalence these days,” added MMPC.

[Source: MMPC]

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...