removable drives | DataProtectionCenter.com

MSRT March ’13 – Wecykler

12

Mar

2013

Wecykler is a family of worms, that shares some similarities with the Worm:Win32/Autorun family, in that it that takes advantage of removable drives attached to an infected system in order to propagate to other machines. They target users’ familiarity with the content of drives (files and directories) disguising as directories with existing and catchy names […]

Category General Written by Microsoft Malware Protection Center 0 Comments

The strange case of Gamarue propagation

28

Feb

2013

We have seen variants of Worm:Win32/Gamarue spread via removable drives in the past, but recent variants have adopted a more convoluted method of spreading involving several components. Let’s take a look at one. For this variant of Worm:Win32/Gamarue, we start with an infected removable drive, for example a USB flash drive. Our infected example drive […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Polymorphic AutoRun Worm Evolves and Obfuscates

16

Feb

2013

Recently we have seen a spike in a Visual Basic 6-compiled AutoRun worm family. The family is both client- and server-side polymorphic. (For more on this family, refer to our VIL and Advisory entries.)The W32/Autorun.worm.aaeh family usually gets on a victim’s machine through email spam, Blacole drive-by downloads, or downloads by BackDoor-FJW. From a behavioral perspective, […]

Category General Written by Blog Central > McAfee Labs 0 Comments

The Latest in IT Security

Posts Tagged ‘removable drives’

MSRT March ’13 – Wecykler

The strange case of Gamarue propagation

Polymorphic AutoRun Worm Evolves and Obfuscates

Categories

Featured

Archives

Latest Comments

About Us

Contact Us