Daprosy Worm

Daprosy worm was a malicious computer program that spreads via local area network (LAN) connections, spammed e-mails and USB mass storage devices. Infection comes from a single read1st.exe file, from which several dozen clones are created at once bearing the names of compromised folders. The most obvious symptom of Daprosy infection is the presence of "Classified.exe" or "Do not open - secrets!.exe" files in infected folders.

Although first observed in early May 2009, the worm was first announced to the public as Daprosy trojan worm by Symantec in July 2009 and was later identified as Autorun-AMS, Autorun-AMW and Autorun-APL by Sophos. It acquired additional aliases from antivirus companies, and others tag it as an incarnation or variation of Autorun.H.

The worm belongs to the "slow" mass mailer category, in which copies of the worm are attached and sent to addresses intercepted from the keyboard. The e-mail consists of a promotion of, and installation instructions for, an imaginary antivirus product purported to remove unknown infections from the computer. While infection cannot occur until the attached worm is renamed and opened, it could spread to system folders in a matter of seconds. It is known to shut down or hang Windows Vista and Windows 7 when attempts to write on the system drive are denied by said operating systems. Also, the worm hides folders and makes them "super hidden" so that data contained in them are not easily accessed.

Precision key logging is the main threat associated with Daprosy infection. Logged keystrokes containing sensitive data could be sent to its author using the worm's improvised mailing system. Early strains are known to destabilize, corrupt and even stall the operating system due to programming bugs. Said strains appear to be incomplete and were probably created by students or amateur Visual Basic programmers, as evidenced by examining them with VB decompilers. Final or later releases of Daprosy worm are prolific online game password stealers. They also pose great threats to banking and other e-commerce establishments. Daprosy worm is rampant in public Internet cafés with LAN connections and exposed USB mass storage drives.

As of October 2009 special scripts are available to remove it from infected computers. Many Windows systems were stalled on November 13, 2009. An initial investigation points to the older versions of Daprosy worm, viz. Sophos Autorun-AMS and Autorun-AMW, which appear to be "Friday the Thirteenth" malware.

More recent and persistent variants of Daprosy worm are still in circulation. A notable variant, Win32/Kashu.B as identified by Ahnlab, can be removed only by using a live CD. Usually, such variants of Daprosy worm are infected by Sality viruses and usually have a file size greater than 100 kilobytes. It now appears that Daprosy worm is a natural host to file-infecting viruses since the former is well distributed on all drives. Viral Daprosy exists in many variants, which again require special scripts to remove. Manual removal of worms infected with viruses requires knowledge usually belonging to individuals associated with AV companies. Daprosy is "active" even in Safe Mode, which makes it difficult to manually remove. Its key logging mechanism is so precise that it captures almost everything typed on the keyboard. This ranks Daprosy as one of the most dangerous worms of the last decade.
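A read-only triage check for the file-system symptoms described above (folder-named .exe clones, the three marker file names, "super hidden" folders, the 100-kilobyte size note), given here as an added example that is not from the original page or from any antivirus vendor. The function names, the finding fields and the sample tree are constructed for illustration, and a hit is a lead to investigate rather than proof of infection.

```python
import os
import tempfile

# Marker file names given on the page (compared case-insensitively).
KNOWN_NAMES = {"read1st.exe", "classified.exe", "do not open - secrets!.exe"}
# FILE_ATTRIBUTE_HIDDEN (0x2) | FILE_ATTRIBUTE_SYSTEM (0x4) = "super hidden".
SUPER_HIDDEN = 0x2 | 0x4
LARGE_BYTES = 100 * 1024  # page: virus-infected variants usually exceed 100 KB

def scan_for_daprosy_markers(root):
    """Return findings for .exe files that match the symptoms on the page."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        folders = {d.lower(): d for d in dirnames}
        for name in filenames:
            stem, ext = os.path.splitext(name)
            if ext.lower() != ".exe":
                continue
            twin = folders.get(stem.lower())  # sibling folder with the same name
            if name.lower() in KNOWN_NAMES:
                reason = "known-name"
            elif twin:
                reason = "folder-clone"
            else:
                continue
            path = os.path.join(dirpath, name)
            # st_file_attributes exists only on Windows; elsewhere treated as 0.
            st = os.stat(os.path.join(dirpath, twin)) if twin else None
            attrs = getattr(st, "st_file_attributes", 0)
            findings.append({
                "path": path,
                "reason": reason,
                "folder_super_hidden": (attrs & SUPER_HIDDEN) == SUPER_HIDDEN,
                "over_100kb": os.path.getsize(path) > LARGE_BYTES,
            })
    return findings

def build_constructed_tree(root):
    """Create a constructed sample tree of harmless empty files for a dry run."""
    os.makedirs(os.path.join(root, "Photos", "2009"))
    for rel in ("Photos.exe", "setup.exe", "notes.txt",
                os.path.join("Photos", "2009.exe"),
                os.path.join("Photos", "Classified.exe")):
        open(os.path.join(root, rel), "wb").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo:
        build_constructed_tree(demo)
        print(*scan_for_daprosy_markers(demo), sep="\n")
```

To check a real volume, call `scan_for_daprosy_markers` on the drive or share root; the `folder_super_hidden` field is only meaningful when the script runs on Windows.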

