1 - STUXNET - STUXNET was the hottest topic of 2010 when it comes to malware. Reversing STUXNET uncovered 4 zero-day exploits for vulnerabilities in the Microsoft Windows operating system. It is believed to be the first known malware to target the controls at industrial facilities such as power plants, and the worm has also successfully infected hundreds of thousands of computers on the Internet.
Here are the 4 vulnerabilities targeted by STUXNET:
- Microsoft Security Bulletin MS10-046
- Microsoft Security Bulletin MS10-061
- Microsoft Security Bulletin MS08-067
- Microsoft Security Bulletin MS10-073
2 - TDL4 - TDL4 is the latest version of a rootkit originally known as TDSS or Tidserv, which appeared back in 2008. Unlike its predecessors, TDL4 is able to bypass code signing protection in 64-bit versions of Windows Vista and 7. By default these systems do not allow drivers that are not digitally signed to be loaded, but TDL4 gets around that by changing boot options before the operating system actually starts. TDSS is one of the most complex and dangerous malicious program families in the world, and it continues to evolve.
3 - Asprox - Asprox is a small botnet that has been used in password stealing, spam propagation, and phishing attacks. This botnet-based attack is innovative in that it interfaces with Google's search engine to locate vulnerable web pages. When a weakness is found, Asprox injects an iframe-based redirect link into the vulnerable website in order to spread various types of malware.
4 - ZeuS 2.0 - The ZeuS botnet is still active in 2010. This trojan steals data from infected computers via web browsers and protected storage. Once a computer is infected, it sends the stolen data to a bot command and control (C&C) server, where the data is stored. ZeuS is sold in the criminal underground as a kit for around $3000-4000, and is likely the malware most used by criminals specializing in financial fraud.
5 - Trojan Proxies - This type of malware turns the victim’s computer into a proxy server. This gives the attacker the opportunity to remotely perform malicious activity through your computer.
source: http://vitalisec.blogspot.com/2011/01/top-5-malware-threats-of-2010.html
thks