Skip to main content

Microsoft: removable drive worm still spreading

posted onJuly 3, 2013
by l33tdawg

A quick-spreading worm that first surfaced on removable drives in 2009 is still finding success, and once it infiltrates corporate networks, it can be difficult to contain as it swiftly spreads from system to system, according to Microsoft.

Once the Vobfus worm infects a system, it downloads additional malware from remote servers while simultaneously looking for other removable drives to spread to other machines. Vobfus has been connected to a variety of financially motivated attack campaigns and has been used by a number of botnets, including Zbot, the Zeus banking Trojan malware family.

When Vobfus reaches out to a command-and-control server to download additional malware, it can make remediation efforts more difficult for IT teams, wrote Hyun Choi, a Microsoft malware researcher, in his analysis of the threat in the Microsoft Malware Protection Center blog. In particular, Hyun said a Trojan downloader called Beebone, seen in conjunction with Vobfus, causes serious problems because Beebone will also reach out to a remote server to download additional malware including other variants of Vobfus.

Source

Tags

Microsoft Viruses & Malware

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th