
David Harley, Director of Malware Intelligence at ESET, said that the losses caused by Coreflood do not lie in the scale of its impact. Its ability to falsify financial transactions and steal passwords (credit card, banking, email and social media) is more alarming than the volume of its attacks, spamming or DDoS attacks.
Coreflood, which has been active since 2001, is detected by ESET security products and identified as Win32/Afcore. Statistical data show very high Coreflood activity in 2007 and 2009, and a dramatic peak in late 2008. After 2009, Coreflood activity fluctuated at moderate intensity.
Coreflood is classified as extremely dangerous malware that can record keystrokes and personal communications on a computer running Microsoft Windows. Once Coreflood infects a computer, the victim's machine can immediately be controlled remotely by another computer, known as a command and control (C&C) server.
So far the U.S. government has secured the perpetrators' C&C servers, along with a series of domain names used for the crime. This was done specifically so that new versions of Coreflood would not multiply and spread to victims' computers.
Computers infected by Coreflood and then controlled remotely are known as "bots", short for "robots". According to the information obtained, the network of Coreflood-infected computers is known as the Coreflood botnet, which is believed to have been entrenched for nearly a decade and to have infected more than two million computers worldwide.
Coreflood has the ability to steal usernames, passwords, personal information and even financial information. That information is then used to commit crimes, namely draining the contents of the accounts in question.
In one case that was successfully uncovered, the local authorities explained how Coreflood operates: it first monitors the Internet communication between a bank and its customers, and is then used as a means to take over online banking transactions, with the result that funds are transferred to an unknown account.
In situations where the C&C server does not respond, Coreflood malware that is already present will continue to run on the victim's computer, gathering personal and account information.
"The most important thing for users is to ensure that a computer security application is installed and working well. Keep the security software always updated, and make sure it has outstanding detection abilities, so that it acts preventively, because malware attacks are then stopped even before the malware enters the computer," said Yudhi Steady, Technical Consultant, PT Prosperita-ESET Indonesia.
source : http://chip.co.id/news/read/2011/04/28/614424/Coreflood,.Malware.Pencuri.Password.Kartu.Kredit