Three of them were responsible for 40% of all successful DDoS attacks on networks and spam campaigns. We’ve listed them below, and have included a fourth, a Trojan virus, because of its rapid rise in use to steal passwords, financial data and more. Being aware of these threats and how they pose a risk to your network is the first step to safeguarding your business and preventing trouble.
1. The Conficker Worm
Conficker is a computer worm that mostly targets Windows Server environments, but it is also present on Windows 2000, Windows XP and Windows Vista workstations.
It gives outside entities remote access to and control of your system, disables Windows services, and then downloads additional malware.
Some of the vital Windows services disabled by Conficker are:
- Windows Automatic Update
- Windows Security Center
- Windows Error Reporting
- Windows Defender
These services are important as they are the baseline for Windows security.
In addition to these baseline measures, it is always recommended that you have additional third-party security software on all servers and workstations. Without third-party security software, an attack on these Windows services by Conficker could leave your network compromised or disabled.
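A quick way to confirm that the four services listed above have not been switched off on a host, as an added PowerShell example that is not part of the original article. The short names wuauserv, wscsvc, WerSvc and WinDefend are the usual Windows identifiers for those services; the function name Get-BaselineServiceStatus is hypothetical.

```powershell
# Added example: audit the four services this article lists as disabled by Conficker.
# Keys are the usual Windows service short names; values are the article's labels.
$Baseline = [ordered]@{
    wuauserv  = 'Windows Automatic Update'
    wscsvc    = 'Windows Security Center'
    WerSvc    = 'Windows Error Reporting'
    WinDefend = 'Windows Defender'
}

function Get-BaselineServiceStatus {
    param([string]$ComputerName)   # optional; omit to check the local machine

    $cim = @{ ClassName = 'Win32_Service'; ErrorAction = 'SilentlyContinue' }
    if ($ComputerName) { $cim.ComputerName = $ComputerName }   # remote query needs WinRM

    foreach ($name in $Baseline.Keys) {
        $svc = Get-CimInstance @cim -Filter "Name='$name'"

        # Several of these services are demand-started, so "Stopped" alone is normal.
        # A start mode of Disabled, or a missing service, is what deserves a look.
        # A service can be legitimately absent on some Windows editions, so treat
        # MISSING as a prompt to check, not as proof of infection.
        $verdict = if (-not $svc)                         { 'MISSING' }
                   elseif ($svc.StartMode -eq 'Disabled') { 'DISABLED' }
                   else                                   { 'OK' }

        [pscustomobject]@{
            Computer    = if ($ComputerName) { $ComputerName } else { $env:COMPUTERNAME }
            Service     = $name
            Description = $Baseline[$name]
            State       = if ($svc) { $svc.State } else { $null }
            StartMode   = if ($svc) { $svc.StartMode } else { $null }
            Verdict     = $verdict
        }
    }
}

# Show every service, then only the ones that need review.
$report = Get-BaselineServiceStatus
$report | Format-Table -AutoSize
$report | Where-Object Verdict -ne 'OK' | Format-Table Service, Description, Verdict
```

Windows Defender may also show as disabled or stopped when third-party antivirus has taken over protection, so compare the result against what is expected for that machine.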
2. Sality Virus
Sality is similar to Conficker – it is a virus that allows remote access to your systems and network with the goal of remaining on the system to download additional malware and inflict harm.
Unlike Conficker, which primarily targets servers, Sality malware is prevalent on all platforms of the Windows Operating System.
The Sality malware can affect your network by targeting executable (.exe) files that, when run, have the ability to induce highly undesirable (and costly) results.
For example, an executable file infected by Sality can search your computer system or network for files with specific extensions (like .docx, .xlsx, or other Office extensions) and delete them all. It can also be used to terminate processes and services related to security on your network while downloading additional malware.
As harmful as Sality can be, there are simple preventative measures that can be taken:
- Keep your firewall enabled on all systems.
- Ensure the latest updates on all applications (mostly Windows, Java, etc.).
- Avoid downloading executable files from sites or providers you don’t trust.
- Use a third-party antivirus software and ensure it is kept up-to-date.
3. The Cutwail Botnet
Cutwail is a botnet.
A botnet is a collection of internet-enabled computers whose owners are unaware that they are infected with botnet malware. The computers are used to transmit malicious data to other computers on the internet, often spam messages, or to perform DDoS (Distributed Denial of Service) attacks.
Cutwail is estimated to be the largest botnet of its kind. It started out as a spam botnet: it would receive spam email from a remote command center, send it out, and then report back to the command center a list of statistics on the spam emails that were sent.
In the last few years the focus of the Cutwail botnet has changed to performing DDoS attacks. These attacks harness the power of a botnet and use that power to attack specific networks. They mainly consist of the botnet requesting information from, or sending multiple packets to, the specific network in such rapid succession from all the computers that make up the botnet that it in essence causes the network to crash, which then allows cyber criminals entry into the network to steal personal, financial and corporate information.
Again, the best practice for preventing the Cutwail bot is to ensure your network has reputable antivirus software installed and a properly configured firewall.
4. Fareit Trojan Virus
Fareit malware steals users’ credentials from web browsers and emails. It rose sharply from being in 93rd place to becoming the 10th most common malware seen this fall, so we have included it on our educational list.
Fareit is a Trojan virus used to steal information such as usernames, passwords, emails and other sensitive credentials that are sent back to the hacker.
Fareit is presently being used in more ransomware scams as a way to force users and companies into paying hackers to unlock their data.
Fareit can be exceptionally harmful to your servers, and users can be infected by simply visiting a malicious website.
In addition to stealing FTP credentials for a server, Fareit can also steal directory lists, port numbers, server names and server types. It can affect a wide range of Windows Operating Systems such as Windows NT, Windows 95, Windows 98, Windows ME, Windows 2000, Windows Vista, Windows XP, Windows 7, Windows Server 2003, Windows Server 2008, Windows 8 and Windows 10.
The three main steps to preventing Fareit from affecting your network are:
- Ensuring antivirus software is installed and up-to-date.
- Ensuring firewalls are enabled and properly configured.
- Ensuring users refrain from visiting malicious or unknown websites.
Network Security Solutions in Toronto – TUCU
Now Is The Time For Your IT Security Audit. It’s so easy to delay important projects such as IT Security audits and improvements. The call of busy work and client work is always there. The ever increasing cybersecurity threats are also there, and so now is the time to schedule your IT Security Audit and IT Planning Session. Schedule some time with your IT Provider, or call on us. We are TUCU tech u can use – Small Business IT Experts serving Toronto since 2003.