Posts Tagged ‘Stuxnet virus’

Be Carrefully from Stuxnet Virus

October 5, 2010 Leave a comment

Still remember the alias Stuxnet Winsta? Viruses that are popular causes disk space becomes full, any remaining hard disk capacity so that you can not save the file. Now, there is a type of virus made in local Stuxnet which will also result in hard drive becomes full, but with different methods.

“To spend the rest of the disk, it will make virus file in number in the hundreds in every folder that was determined,” said Taufik Juhar Adang, Senior Vaksinis Vaksincom, in his statement, October 5, 2010. “But ‘fortunately’ this virus will only attack the master drive [C: \] alone.”

To simplify deployment, Adang said, he will utilize the autorun feature of Windows and also spreads by exploiting a USB flash disk media and networks (full access). In addition he will also be spread through peer to peer file sharing like Kazaa, Morpheus or any other program to create several files in the directory specified.

Adang said, in an effort to spread, the virus will use social engineering to take advantage of file compression program (WinRAR) with the characteristics using WinRAR icon, the file size 60KB, and the file extension *. exe.

“The technique used is not just mendompleng WinRAR program icon, but more than that, it will activate itself automatically when the user starts the program WinRAR or files that have been compressed using WinRAR,” Adang said.

If the target computer program is not installed WinRAR, Adang said, he was preparing another method for themselves can be activated automatically. “How to do a ‘diversion’ when the user runs the file with the extension that has been determined.”

To complicate the process of elimination, it will block some Windows features such as Search, Folder Options and Run. “He also would block security tools or when the user accesses a folder with a name that has been determined by reading the caption text or the name of the application. If the user opened it, he immediately closed it again, “Adang said. “In addition he will also be blocked when a user installs the program / application to open Notepad application.”

Not only that it will be done by this virus, it will also hide files MS Office (MS Word) located in the directory [C: \ Documents and Settings \% username% \ My Documents] and create a replacement file [in the form of the virus file] according to MS Word file name.

To clean this virus with an optimal, Adang said, you need to use anti-virus database up to date. With the latest updates, the antivirus will detect this virus as W32/Suspicious-Gen2.CAHWJ or Backdoor.Trojan. The steps to clean this virus can you see in the following pages.


Six Million Computer Attacked by Virus

October 2, 2010 2 comments

Super virus called cyberworm Stuxnet has been attacked about six million personal computers and 1,000 computer companies in the corners of the Bamboo Curtain country – China, according to Xinhua news agency reported from Friday (1 / 10).

Zhantao Wang, an engineer from a leading antivirus service manufacturer in China, said that this computer virus capable of stealing personal information, especially from industrial companies. After that the virus is sent back data that has been taken to the servers in the United States.

Hackers can take control of the engine company that is run by computers infected by Stuxnet, and gave orders treacherous that cause serious damage.

Super virus exploits a bug in Siemens auto-control system used in the manufacturing industry to go through security checks, said Wang. This virus can copy itself and spread through the U-disk in corporate and government networks.

Manufacturers of anti-virus service Rising International Software, has developed software to kill the virus that can be downloaded for free from the company’s official website.