
Virut is a cybercrime malware botnet, operating at least since 2006, and one of the major botnets and malware distributors on the Internet. In January 2013, its operations were disrupted by the Polish organization Naukowa i Akademicka Sieć Komputerowa.


Characteristics

Virut is a malware botnet that is known to be used for cybercrime activities such as DDoS attacks, spam (in collaboration with the Waledac botnet), fraud, data theft, and pay-per-install activities. It spreads through executable file infection (through infected USB sticks and other media), and more recently, through compromised HTML files (thus infecting vulnerable browsers visiting compromised websites). It has infected computers associated with at least 890,000 IP addresses in Poland. In 2012, Symantec estimated that the botnet had control of over 300,000 computers worldwide, primarily in Egypt, Pakistan and Southeast Asia (including India). A Kaspersky report listed Virut as the fifth-most widespread threat in the third quarter of 2012, responsible for 5.5% of computer infections.


History

The Virut botnet has been active since at least 2006. On 17 January 2013, the Polish research and development organization, data networks operator, and operator of the Polish ".pl" top-level domain registry, Naukowa i Akademicka Sieć Komputerowa (NASK), took over twenty-three domains used by Virut in an attempt to shut it down. A NASK spokesperson stated that it was the first time NASK had engaged in such an operation (taking over domains), owing to the major threat that the Virut botnet posed to the Internet. It is likely that Virut will not be shut down completely, as some of its control servers are located at Russian ".ru" top-level domain name registrars outside the reach of the Polish NASK. Further, the botnet is able to look up alternate backup hosts, enabling the criminals operating it to reestablish control over the network.


See also

* Command and control (malware)
* Zombie (computer science)
* Trojan horse (computing)
* Botnet
* Alureon
* Conficker
* Gameover ZeuS
* ZeroAccess botnet
* Regin (malware)
* Zeus (malware)
* Timeline of computer viruses and worms

