ESET Threat Report says beware of Trojan

Tuesday, 25 February 2014 00:00 -     - {{hitsCtrl.values.hits}}

ESET, global provider of security solutions for homes and businesses, in their Threat Radar Report for Sri Lanka issued in January this year has indicated two predominant viruses have continued to infest Sri Lanka’s cyber space. One is the proverbial ‘Trojan’ aptly named after the legendary Greek horse that brought down the impregnable Troy and the other ‘Sality’, which has wreaked its own havoc on local cyber space.  Trojan is not new; it has been there and done its disruptive rounds for a while now.    According to a sample survey carried out by ESETamongst users of their virus guard, it came to light that the Trojan virus (JS/TrojanDownloader.iframe.NKE) which can infect everything from files to the Operating System of a machine stands at an infection rate of 7.00% occupying top position of its kind. First detected in 2011, the nature of this deadly virus is that it redirects the browser to a specific URL location with malicious software, giving hackers all the information they want to create maximum damage. The Sality virus, on the other hand, is said to be the classification for an entire family of malicious software (malware), which infects files on the Microsoft Windows system.  ESET’s local threat report says that thisvirus has recorded an infection rate of 3.41% (Win 32/Sality and Win 32/Sality.NBA) and is considered an active virus in Sri Lanka. Sality, was first detected in 2003 even older than its evil family member Trojan; and has advanced over the years to a dynamic stage. “This is a virus that has seen so much spread in Sri Lanka,” says Shihan Annon, Director of DCS International, sole agents for ESET in Sri Lanka. “When it infests the system, the virus communicates from peer-to-peer, to generate spam. With a capacity to distribute the computing tasks across the network, the virus acts as a proxy and infiltrates your sensitive data in an attempt to compromise the web server,” he added, commenting that that from a user’s perspective, Sality can be considered a very destructive form of virus, even in comparison withother viruses. “Since 2010, Sality was seen to have a root-kit function, remaining stealthy, thereby making its detection extremely hard.  A sound virus that spreads rapidly, Sality is hard to remove.  Whoever who sends this virus can take full control of your computer,” noted Shihan Annon, claiming that for most companies, Sality has become a serious problem as it can bring the work of an entire organisation to a standstill in the event of a bug invasion. How computers can get infected with virus Explaining how computers can get infected with a virus, he explains that it can infiltrate a machine during a simple task such as the process of opening an email attachment, downloading information from the internet or transforming data from a USB device to one’s computer. Computer viruses, also referred to as ‘malicious code’ perform harmful tasks such as collecting information about individual users without their knowledge or even attempt to use the infected computer as an operational base to attack another computer or website. “New viruses come out all the time and old viruses take on new forms getting stronger and more prolific.  That is why anti-virus software is an ultimate necessity to protect your computer.  However, antivirus software too is updated, even as viruses change shape in order to fight them. This is not unlike medical science that comes up with more effective medicine to combat bugs that even mutate into superbugs.  Therefore it is vital that your antivirus software is updated and in place so that it knows how to combat the newest threats protecting your valuable information from getting into malicious hands,” says Annon, emphasising the need for proper virus guards to be in place with the operation systems up to date with latest patches.  He says these are precautionary methods that would safeguard users from infection that result in data loss, privacy compromises, inoperable computers and termination of network access etc., Going a step further in making the general public and the corporate sector aware of the dangers they are facing, ESET compile aglobal and local radar report on a monthly basis, using data obtained from ThreatSense.Net, which is the Company’s global cloud malware intelligence system.