According to Microsoft research, two computer viruses that collaborate are harder to clean from infected PCs. The pair foils removal by downloading updated versions of its malware partner. Once accidentally downloaded onto a PC, the viruses allow hackers to take control of the machine and use it to harvest saleable information or to send spam. A blog post by Microsoft malware researcher Hyun Choi illustrated this close interaction between the two viruses. Mr Choi explained that the two Windows viruses, known as Vobfus and Beebone, are often found together. Vobfus was usually the first to appear on a machine, he said, and used different tactics to damage its virtual victims. Vobfus could install via booby-trapped links on a range of websites, travel via network links to other machines, or lurk on USB drives and infect the PCs that they are plugged into.
Vobfus, which installs first, then downloads Beebone, which connects the machine to a botnet, a huge network of infected computers. Mr Choi said that, after this, the two malware programs start working together to regularly download new versions of their virus partner, thus multiplying cybercrime. He said that this was an effective mechanism that helped the viruses persist on infected machines, explaining, “In the case with Vobfus, even if it is detected and remediated, it could’ve downloaded an undetected Beebone, which can, in turn, download an undetected version of Vobfus. The two threat families are intrinsically related”. Mr Choi stated that this “cyclical relationship” has helped Vobfus remain a persistent issue since 2009, when it first appeared. He explained that defeating the two viruses together was not easy, because Vobfus was very good at travelling via networks. In addition to keeping software up to date, he recommended disabling the “AutoRun” feature on Windows machines, as Vobfus exploits this when it arrives via USB drives. He also said that people should be more careful when they click links on external websites, to avoid falling victim to booby-trapped URLs.
2 July 2013
Voice of Russia World Service
Let’s keep it simple. DON’T CLICK ON EXTERNAL LINKS (hey, guys… that means the link with the image of the gal with the gigundo titties, OK?). That should help you a great deal. Secondly, talk to your geek… they can help you. They have the knowledge that you don’t have. Don’t fuck with your machine without talking with your geek first. You’ll probably screw things up worse. Trust me on this one.