Published: 2016/8/5 10:43:35
"New" Windows Trojan discovered: its "poisoning" method is retro - Trojan, virus, Windows - IT News

IT News, August 5: Trojans and other malicious software on the Windows platform now appear in endless variety, and ransomware and lure-style malicious e-mail are hard to guard against. Recently a new Trojan was discovered. It is new, but the way it attacks computers is "retro".

Reportedly, the Trojan spreads mainly through the installation files of the audio editing software Audacity and the Start menu utility Classic Shell, and the source of its spread is the download site FossHub. Hiding malware in a download site's service is a technique in the style of the 1990s. Once these two popular programs are downloaded and installed, the Trojan overwrites the master boot record (MBR) of the victim's computer, and Windows can no longer start normally. The damage from this Trojan is considerably smaller than that of today's ransomware and of malware that steals users' personal information, but it should not be ignored.

The author of the Trojan is PeggleCrew, and someone has now claimed responsibility for the attack. He explained how the attack worked: data was grabbed from a network service that had no authentication mechanism, which yielded the target website's source code and passwords; the attackers then went deeper into the website's infrastructure and finally took control of its production machines, its backup and mirror locations, the FTP certificate for the caching service it uses, and its Google Apps-hosted e-mail.







