Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Viruses exploiting bank account numbers appear
People who use online banking services should be cautious with new viruses appearing on Windows that can steal account login information.
Known as a "rootkit" on websites created for the purpose of exploiting a vulnerability in Internet Explorer to install attack code. Security experts warned that Mebroot is a dangerous virus and difficult to detect because it is hidden deep in the operating system. The program seeks to overwrite a part of the main boot area (Master Boot Record - MBR). This is the area of the hard drive that the computer first reads when power is turned on, to find the operating system parameters.
Through the blog of security firm Symatec, Mr. Elia Florio pointed out that many virus programs take over before Windows uses MBR, thus controlling the operating system. Once installed, Mebroot paves the way for other malicious programs to download, such as content-stealing software, to steal confidential information. Most of these programs are inactive until computer owners access online banking systems.
Security firm iDefense has confirmed Mebroot has been detected since December 2007, but the virus variant began operating in a series of attacks that occurred at the end of the year. From December 12, 2007 to January 7, 2008, more than 5,000 computers were recorded.
The Mebroot analysis shows that thanks to the MBR mechanism as a shelter, it is possible to re-install associated programs when they are detected and removed by antivirus software. But only a few antivirus programs can find it, and Mebroot cannot be removed while the computer is working.
Computers running Windows XP, Windows Vista, Windows Server 2003 and Windows 2000 that are not fully patched are targets that are easily controlled by this virus. The tool of the independent security firm GMER has just launched is considered to promote the function of detecting and removing information theft program introduced by Mebroot.
Anh Tu
Known as a "rootkit" on websites created for the purpose of exploiting a vulnerability in Internet Explorer to install attack code. Security experts warned that Mebroot is a dangerous virus and difficult to detect because it is hidden deep in the operating system. The program seeks to overwrite a part of the main boot area (Master Boot Record - MBR). This is the area of the hard drive that the computer first reads when power is turned on, to find the operating system parameters.
Through the blog of security firm Symatec, Mr. Elia Florio pointed out that many virus programs take over before Windows uses MBR, thus controlling the operating system. Once installed, Mebroot paves the way for other malicious programs to download, such as content-stealing software, to steal confidential information. Most of these programs are inactive until computer owners access online banking systems.
Security firm iDefense has confirmed Mebroot has been detected since December 2007, but the virus variant began operating in a series of attacks that occurred at the end of the year. From December 12, 2007 to January 7, 2008, more than 5,000 computers were recorded. The Mebroot analysis shows that thanks to the MBR mechanism as a shelter, it is possible to re-install associated programs when they are detected and removed by antivirus software. But only a few antivirus programs can find it, and Mebroot cannot be removed while the computer is working.
Computers running Windows XP, Windows Vista, Windows Server 2003 and Windows 2000 that are not fully patched are targets that are easily controlled by this virus. The tool of the independent security firm GMER has just launched is considered to promote the function of detecting and removing information theft program introduced by Mebroot.
Anh Tu
4.5 ★ | 2 Vote
Micah SotoYou should read it
- How to manage startup programs with Windows?
- Disable programs that start with the system on Windows
- How to remove all available applications on Windows 10?
- How to Use Add or Remove Programs in Windows XP
- OneCare Live: Microsoft's security suite
- 12 programs and Windows applications are not required you should uninstall
- How to Remove Programs from Windows with IObit Uninstaller
- Hide running Windows programs and activate windows
May be interested
- New depths appear to attack Nokia phones
security firm fortinet has just warned of a toxic worm that attacks symbianos phones, but nokia is an example. the worm is called symbos / beselo.a! this worm spreads over mobile networks, capable of attacking - New trojans appear via MSN networkmsn messenger's instant messaging service network is currently undergoing a new wave of attacks from the dangerous trojan ircbot-rb. ircbot-rb trojan is often distributed through a msn messenger network message containing links to photos stored on web sites.
- Gaixinh's 'post' virus raged during Tetbeginning to appear on the 28th day of the lunar calendar, a strong outbreak followed and is still spreading, the next version of the gaixinh virus named w32.lotterym.worm has caused many people to trap because of the spread on yahoo messenger and the messages 'intoxicating'.
- About security impotence before Storm wormafter 13 hours of 'pause', the storm poison continued to violently bombard the world's internet users. this time, its 'victim bait' is the american labor day and hot women like beyonce and rihanna.
- Storm was 'stronger' than the BlueGene supercomputer dozens of timesa researcher claims that the power of the storm worm botnet has now overcome the power of ibm's most powerful blue gene supercomputer.
- P2P worms attack Skype usersthe most popular voip service provider for skype users is being attacked by a new worm that spreads through the p2p chat feature of this internet phone software.
Anyone must memorize these golden rules to secure bank accounts
5 common methods hackers use to hack bank accounts
Risk of phone control from bank account number
Instructions to check MB Bank account balance
Stolen bank account with Trojan Banking