As a result, a malicious program that acts in the country is still dominated by malware last month such as: like WIN32/Ramnit.A, LNK / Autostart.A, Win32/Somoto.A, and differ only in the escalation
its course so that the top 10 there is a change.
Here are 10 malware detected in Indonesia during the month of July 2012 according to security company Eset.
1. WIN32/Ramnit.A
Viruses are known to make stubborn and distracted Internet users. Until last July, quite a lot of reports that the computer was attacked by Ramnit.
After declining in previous months, tops Ramnit back from May until July. This trojan type viruses are relatively active in the spread.
2. LNK / Autostart.A
LNK / Autostart.A Win32/CplLnk.A is another name, that specially manufactured threat or malware shortcut to use crack, and the latter was also used by variants of Win32/Stuxnet.
When a user opens a folder containing a shortcut by using a malware application that displays the shortcut icon, then the malware will be automatically activated.
This category of malware worm had horrendous, once again active for several days and was detected in the United States and Iran. The impact of widespread worm attacks in several major countries, namely 58% in the United States, 30% of Iran, Russia 4% more.
3. Win32/Ramnit.F
Malware type Trojan is able to copy his hard drive that will satisfy the infected computer. These viruses usually hide in the office applications, even games.
With the ability to open the firewall and disguised as a fake program to collect important data such as transaction data, financial data so it is recommended to immediately remove if found any indication of this virus for potential inhibiting Win32/Ramnit.F work computer and data stored in it.
4. Win32/Sality.NBA
Win32.Sality.NBA is a malicious program that is illegal in Windows. The program is capable of taking over system resources and slow down computer performance.
Several similar programs often appear as messages or banner ads that disrupt the work process. Meanwhile, the malware also destroy data stored on the computer.
5. Win32/Somoto.A
A computer program in the form of a malicious adware. The mode appears as an advertisement, the unwary user will click and instantly Win32/Somoto.A malware will install malware on the victim's computer.
Once inside, Somoto.A always bring up the pop-up banner. This malware will always be integrated with other computer bugs such as keyloggers, backdoors, etc..
The main work of this malware is actually the victim to record all online activity and transmit vital data to another computer without the victim is known by the victim.
6. HTML / Iframe.B.Gen
It is a kind of trojan is dangerous and could hijack a Windows-based computer and then installs a backdoor on the computer. Html / Iframe.B.Gen able to turn off antivirus software, as well as monitor user browsing activity, even deleting registry entries.
Identified the presence of malware ESET as HTML / Iframe.B.Gen can also cause the operating system on a computer is not able to work at all so it is very dangerous to the security of all data stored on the computer.
7. Win32/Ramnit.H
Malware that exploit security flaws that hackers can get the controller and take over the target computer via a network connection.
Ramnit.H is a trojan type malware, which, after being on the computer, it sends the malicious files, and perform certain activities, which impact on the stagnant performance of the computer by simply adding an entry to the system registry file and operating systems.
Ramnit.H also able to monitor the online activities of victims, then steal financial data such as credit card data, passwords, user name. Malware is identified as Win32/Ramnit.H in Eset also able to turn off the security system.
8. INF / Autorun.gen
Detection of INF / Autorun.Gen used to describe a series of malware that uses the autorun file as a way to confirm the computer-which successfully attacked the target PC.
File contains information program that was developed to be able to run it as a mobile device (eg USB Flash Disk and other similar devices accessed by users who use Windows-based PC).
ESET's security systems recognize the device malware INF / Autorun which has been installed and modify the file autorun.inf, advanced heuristic on Eset security system also identifies the INF / Autorun as one of the great family of malware.
9. Win32/Virut.NBP
Win32/Virut.NBP is polymorphic file infector that is connected to the IRC network and can be controlled remotely.
Executable files the malware attack. Therefore, when installed, will immediately seek Win32/Virut.NBP executables files with the extension. Exe and. Scr.
Operation carried out after it is installed is to send data and commands from a remote computer or from internet. Furthermore the remote computer will communicate with the server that uses the IRC protocol, which is irc.zief.pl and proxim.ircgalaxy.pl.
10. LNK/Exploit.CVE-2010-2568
LNK/Exploit.CVE-2010-2568 is the generic detection for malware shortcut files that are designed specifically so that they can enter through the back door in Windows. Gap CVE-2010-2568 is a common and usually infiltrated by Trojans become a part of another malware that come in through the gap Windows.
Although Windows updates have been made to patch the cracks CVE-2010-2568, an attempt to exploit the gap is still running by becoming part of the bots and other malware with the mode of a vector of infection.
Yudhi Strong, Technical Consultant PT. Prosperita-Eset Indonesia said that during the last month of July 2012 there was relatively no special malware that can infect a great way in Indonesia, so it goes in the top 10.
DNS Changer is very small and its spread was not evident as heralded. Malware such as Ramnit old, and Sality still dominate and many infected computers in Indonesia.
"Our behavior in using the computer, surf and exchange data affect the risk of exposure to malware. In addition, security in computer applications also do not get out of date, because once we got, it will take much effort to deal with malware,"
