Tuesday, February 7, 2012

Top 2 Deadly Computer Viruses for 2011


Stuxnet Virus target Centrifuges at IRAN Nuclear Plant

Virus evolves yearly, new variants are created and discovered and one way to protect your computer from viruses and online threats are updated antivirus and daily scan maintenance.

But is this enough?

Take a look at  the top 2 deadly computer viruses for 2011 that are hard and tough to eradicate although discovered years earlier but still infecting computers today.


Top 2 Deadly Computer Viruses for 2011

1. StuxNet Virus - Discovered on a rebooting PC, a real cyber weapon, a complex malware written, named from combination of (.stub and MrxNet.sys) code infected IRAN Nuclear Power Plant in 2010. The virus uses the  ZERO DAYS Exploit, zero-days finds software vulnerabilities that are yet unknown to software maker and antivirus vendor and with millions of Viruses and Malwares each year only few uses this exploit, in other word it's a rare virus. The Details about Zero Days Exploit could be sold in Black Market for $100,000.

StuxNet was designed to target Simatic WinCC Step7 software of Siemens, a program that control motors, valves and switches, thus damaging Uranium rich centrifuges of IRAN Nuclear Power Plant. It can also possibly affects Water Treatment plant, Train control system and other Big Industrial System.


How Complex is StuxNet Virus Code?

1. Uses 4 Zero-Day Vulnerabilities.
2. Exploits Windows LNK , Print spooler, Keyboard File, Task Scheduler Vulnerability
3. Uses the LAN and USB to spread the virus
4. it's a 500kb virus, typical malware is 10kb-15Kb
5. It's a 5 layer, 3 main parts and 15 components and can be easily copied and modified virus code, 2 files are still not cracked by antivirus vendor which believe to hold the origin of the virus.
6. Uses 2 stolen valid certificates from RealTek Semiconductor and Jmicron Technology.
7. It's a virus that could destroy something physical in the real world. It is aimed to hijacked PLCs (Programmable Logic Contollers).


Stuxnet virus Affected Countries:

IRAN - 58.85%
INDONESIA - 18.22%
INDIA -8.31%


2. Ramnit Virus - Discovered in April 2010, Win32 Ramnit is a multi component malware that infects Windows executable files ( .EXE, .DLL and .SCR Files) , Microsoft Office Files (.DOC, .DOCX and .XLS extensions), HTML Files (.HTML or.HTM extension) and  stealing FTP credentials and passwords and browser cookies ( Chrome, Firefox, Safari, Opera and IE). The malware uses a hidden browser and open a backdoor that awaits instruction from an attacker.


What Ramnit Virus can do?


1. A Backdoor, remotely access your computer from a server
2. Downloads Variety of Malwares to your computer.
3. Steals your sensitive data and bank account credentials
4. Ability to defeat security measures and hijacked banking sessions.
5. Spread thru removable and network drives
6. The presence of <filename>.Srv.exe indicates the presence of this malware to your computer

Ramnit infections spreads to 800, 000 Windows PC as of September -December 2011 and recently Ramnit variants steals 45, 000 facebook accounts mostly from UK and France, it uses the social networking site Facebook to take advantage that users uses same passwords accounts to other sites and it transmits malicious links to facebook friends to spread it's infections.

Ramnit.C Affected Countries:

UK = 69%
France - 27%
Other - 4%


Sources:
Wired.com - Stuxnet Virus
Arstechnica.com - Ramnit Virus



Related Articles:

7 Ways to make your Computer Virus Free with IOBIT Malware Fighter and AVG  2012 AntiVirus Protection
What's New with Latest Advanced System Care Ver 5.0 - A Review
How to make your Computer Startup 50% Faster - Tips and Tricks
Tips and Tricks to make your Computer Virus Free for Every Season

11 comments:

Diana Guess said...

It's sad that new variants of viruses are created... I don't see the point. We should work properly on our computers, not with worries that someone can steel something personal from our devices. Nevertheless, it's great that we can find some good antiviruses for this and great IT tech support specialists as well, if we really have big issues.

mtrguanlao said...

Oh my,alarming viruses! I wish I wont encounter those in my laptop,waaa!!!

Henry said...

Ang dami pwede gawin ng mga viruses ngayon. Sobra delikado sa PC and other device na nkaka-access ng internet.

reyah said...

But i was hoping that some computer expert would do something about this. And don't let some virus creator to succeed.

GbSb TEchBlog said...

There is a group of people making new viruses that uses authentic digital driver certification like Stuxnet and next to it is the Duqu virus.

Recently, Anonymous attacks CIA website, making it offline.

We should really take cautiously when connecting to internet and using USB.

anney said...

Hay ang mga virus talaga na yan mga pasaway!

Blocked Drains Melbourne said...

Virus really destroy our computer system if not be treated. Thanks for the share.

Online Malware Removal said...

These new viruses are very alarming on web world. We must be very careful on dealing with these said viruses. Be careful on opening unknown file to prevent such infections on your computer. Very well post. Thanks for sharing.

Manila Wedding Suppliers said...

I hate virus !!

i love you virus said...

i love you virus

Aj Banda said...

both are pretty serious.

First a virus that can infect a PLC is one worst thing. Most of the technology we have right now even here in the Philippines are run by PLC. Based from what I've heard even Rail Transits are run by it.

Next is my favorite type of Virus, my type of virus that can do remote access to someone's PC :p

Post a Comment

Related Posts Plugin for WordPress, Blogger...