Is There A Way To Prevent?


4 replies to this topic

#1 computerworks


Posted 07 August 2008 - 04:24 PM

We are a service shop now fixing dozens of infected systems a week... infected with Antivirus XP 2008, Vista Antivirus and various other Vundo derivatives.

Questions...

1. Is there anything published that outlines a foolproof way to prevent these types of infections? What is the entry point and how can it be secured?

2. Has anything been documented on just where users are catching it? Is it truly a drive-by? Are there known sites that are passing this on and can be tested?

Thanks for any known info; we are trying to make our users as protected as possible.

ron



#2 Galadriel


Posted 07 August 2008 - 06:53 PM

Hello computerworks,

Frankly, prevention starts at the user level. No matter how tightly you secure the holes, the malware writers will find new ones to go through. If you really want to prevent, you need to educate. I know that's not what you were looking for, but it's the bottom line.

Simple steps to keep your computer secure!
Antivirus, Antimalware, And Antispyware Resources
Suggested Safe Practices
How did I get infected?
Best Practices - Internet Safety For 2008

And these are just basics. But that's where prevention begins.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat


#3 computerworks


Posted 08 August 2008 - 04:03 PM

Thanks...those are all good practices.

I am particularly interested in these Vundo variants and how to conclusively block them.

I have seen systems infected by these that are "fully-equipped" with FW, AV and active-monitored Anti-Malware products....
...and still get penetrated.

#4 Galadriel


Posted 08 August 2008 - 04:33 PM

A lot of the Vundo variants infect through Java exploits. A lot of other nasties also use Java as a portal.

Read this in addition to the rest.

#5 quietman7


Posted 08 August 2008 - 04:47 PM

You should also tell those you are helping to avoid gaming sites, underground web pages, pirated software sites, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

Read P2P Software User Advisories and Risks of File-Sharing Technology.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
