|Stuxnet Virus target Centrifuges at IRAN Nuclear Plant|
Virus evolves yearly, new variants are created and discovered and one way to protect your computer from viruses and online threats are updated antivirus and daily scan maintenance.
But is this enough?
Take a look at the top 2 deadly computer viruses for 2011 that are hard and tough to eradicate although discovered years earlier but still infecting computers today.
Top 2 Deadly Computer Viruses for 2011
1. StuxNet Virus - Discovered on a rebooting PC, a real cyber weapon, a complex malware written, named from combination of (.stub and MrxNet.sys) code infected IRAN Nuclear Power Plant in 2010. The virus uses the ZERO DAYS Exploit, zero-days finds software vulnerabilities that are yet unknown to software maker and antivirus vendor and with millions of Viruses and Malwares each year only few uses this exploit, in other word it's a rare virus. The Details about Zero Days Exploit could be sold in Black Market for $100,000.
StuxNet was designed to target Simatic WinCC Step7 software of Siemens, a program that control motors, valves and switches, thus damaging Uranium rich centrifuges of IRAN Nuclear Power Plant. It can also possibly affects Water Treatment plant, Train control system and other Big Industrial System.
How Complex is StuxNet Virus Code?
1. Uses 4 Zero-Day Vulnerabilities.
2. Exploits Windows LNK , Print spooler, Keyboard File, Task Scheduler Vulnerability
3. Uses the LAN and USB to spread the virus
4. it's a 500kb virus, typical malware is 10kb-15Kb
5. It's a 5 layer, 3 main parts and 15 components and can be easily copied and modified virus code, 2 files are still not cracked by antivirus vendor which believe to hold the origin of the virus.
6. Uses 2 stolen valid certificates from RealTek Semiconductor and Jmicron Technology.
7. It's a virus that could destroy something physical in the real world. It is aimed to hijacked PLCs (Programmable Logic Contollers).
Stuxnet virus Affected Countries:
IRAN - 58.85%
INDONESIA - 18.22%
2. Ramnit Virus - Discovered in April 2010, Win32 Ramnit is a multi component malware that infects Windows executable files ( .EXE, .DLL and .SCR Files) , Microsoft Office Files (.DOC, .DOCX and .XLS extensions), HTML Files (.HTML or.HTM extension) and stealing FTP credentials and passwords and browser cookies ( Chrome, Firefox, Safari, Opera and IE). The malware uses a hidden browser and open a backdoor that awaits instruction from an attacker.
What Ramnit Virus can do?
1. A Backdoor, remotely access your computer from a server
2. Downloads Variety of Malwares to your computer.
3. Steals your sensitive data and bank account credentials
4. Ability to defeat security measures and hijacked banking sessions.
5. Spread thru removable and network drives
6. The presence of <filename>.Srv.exe indicates the presence of this malware to your computer
Ramnit infections spreads to 800, 000 Windows PC as of September -December 2011 and recently Ramnit variants steals 45, 000 facebook accounts mostly from UK and France, it uses the social networking site Facebook to take advantage that users uses same passwords accounts to other sites and it transmits malicious links to facebook friends to spread it's infections.
Ramnit.C Affected Countries:
UK = 69%
France - 27%
Other - 4%
Wired.com - Stuxnet Virus
Arstechnica.com - Ramnit Virus
+ 7 Ways to make your Computer Virus Free with IOBIT Malware Fighter and AVG 2012 AntiVirus Protection
+ What's New with Latest Advanced System Care Ver 5.0 - A Review
+ How to make your Computer Startup 50% Faster - Tips and Tricks
+ Tips and Tricks to make your Computer Virus Free for Every Season