83,427 machines infected by Necurs Rootkit in November

The common thing among rootkits is that they can hide themselves from detection. Rootkit stops security applications from functioning and hence cannot be detected.

It is also capable of downloading additional malware from outside.

Microsoft list this as Trojan:Win32/Necurs.

 Now this is how  the attackers  maintain a remote access to a machine, and this way  monitor activity, send spam or install scareware.
Trojan:Win32/Necurs is a family of malware.  It works together to download additional malware and enables backdoor access and control of your computer. The malware can be installed on its own or alongside rogue security software, such as Rogue:Win32/Winwebsec.
                                                                              
The malware downloads itself into the folder “%windir%\Installer\“, where is a unique number that identifies your computer, for example “%windir%\Installer\{df3d9e18-342c-8c07-8dab-13e76d8b4322}”.
 Some variants of   ” Trojan:Win32/Necurs “”  can inject code into all running processes. The injected code is known as a “dead byte”
certain system processes will cause your computer to restart if they are injected with this code.
Strong anti-security features are provided by the Necurs driver. The driver has a very clear goal: protecting every Necurs component from being removed.
This example shows that malicious software is growing more sophisticated and is starting to include various components that serve individual purposes. These threats may target various versions of operating systems or even different software platforms
Advertisements
Comments
3 Responses to “83,427 machines infected by Necurs Rootkit in November”
  1. I just want to say I am all new to weblog and actually enjoyed this web blog. More than likely I’m want to bookmark your website . You absolutely have wonderful articles. Appreciate it for sharing with us your webpage.

  2. I simply want to mention I am just very new to weblog and truly enjoyed this web site. Probably I’m going to bookmark your website . You absolutely have exceptional article content. Appreciate it for revealing your webpage.

  3. Pinterest followers says:

    Is this ok to add this article to my facebook fan page, i think they would love this stuff

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

  • Blog Stats

    • 10,686 hits
  • Upcoming Events

    No upcoming events

%d bloggers like this: