Tuesday, July 20, 2010

Highly Dangerous Zero-day Windows Trojan Targets Espionage

There is a new, vicious rootkit-level malware infection targeting critical infrastructure and aimed at corporate or government espionage. It often enters the enterprise through USB sticks. Finnish security company F-Secure advised that the current malware is very dangerous and poses "a risk of virus epidemic at the current moment." F-Secure further warns that this is an espionage attack using LNK (*.LNK) shortcut files. All Windows operating systems are vulnerable, even Windows 7, though F-Secure says it has added detection modules for these rootkits to its own anti-malware products. The problem is that once it added the detection module, it started discovering infections all over the world, and the hole that the virus exploits remains unfixed. Because this is a rootkit infection, the virus bypasses security mechanisms. From regular Joes to enterprises, this spy rootkit is in the wild and spreading infection.