Software downloads Download software kostenlos Télécharger du logiciel Francais Descargar programas gratis Espańol Gratis de baixar software para Windows Nederlandse software download gratis Programmi da scaricare gratis Italiano Japanese downloads Chinese Korean
According to PandaLabs, about 160,000 computers are infected with mali
Main

According to PandaLabs, about 160,000 computers are infected with malicious code Mpack

24th May 2007

After Mpack utility was detected by free online scanner NanoScan beta, PandaLabs registered its ability to download Malware on computers by exploiting multiple vulnerabilities.
There are at least 10,000 web pages that infect computers using this utility. Mpack is sold in online forums for a price of $ 700. Developers even offer updates for work with new vulnerabilities.
Exploit which was detected by NanoScan helped PandaLabs to reveal Mpack – a program that is used for downloading the malicious software to the remote computers by exploiting numerous vulnerabilities. Mpack has already been used on several occasions. One of the versions, to which PandaLabs has gained access, was used for infection of 160,000 computers.
These data were obtained with the help of statistical component of this application. But for the counting of the infected computers, this page allows cyber-criminals to track data on the host, which they attack, and also to group hosts accordingly to the installed operating system or browser. Also on this page there is the display of the effectiveness of the infection in different geographic regions.
This utility is sold in online forums for $ 700. With each version the developers offer free yearly support.
“Mpack contains functions that are commonly included in legal applications. For example, client updates. As updates other versions of the application act, which are in fact the exploits. They are needed for the use of the newly discovered vulnerabilities. Usually one update a month is released, and their cost ranges from $ 50 to $ 150”, - explains Luis Corrons, the technical director of PandaLabs. What is more, the customers are offered to buy DreamDownloader for $ 300. This utility is designed for creation of loadable Trojans. It works as follows: a hacker informs DreamDownloader with URL, which has the needed file (Trojan, worm, update of malware, etc.) and utility then automatically generates the executable file for its download.
“Two of these tools are complementary. The first allows you to infect the user with the chosen malicious code. The second, in turn, allows you to create this code, which is also designed for further download of other malicious software”, - adds Corrons. Attacks of Mpack
Mpack infects latently. Cyber-criminals use several technologies to make the user to run malicious file. In the case with Web servers, they generally add at the end i-coded reference to the file, which is downloaded by default and which contains the graded page at which Mpack is installed.
Sometimes they use the same hacked site for the layout of Mpack or other types of malicious software. They place Malware on third-party servers to hide their tracks. According to another infection technology, they place on host web pages the certain words; they are usually the words that are often used in the search. Thus, those pages are in the list found by search sliders, and the users who are searching can certainly enter a site containing Mpack.
There is another way of infestion – the purchase of domains with names, resembling the names of well-known sites. For example, gookle in which only one letter is different from the name of a well-known search engine google. Users, who by mistake entered the wrong letter, may become victims of the malicious code.
And, in the end, there is still spam. Electronic messages usually contain references, and to go on them they use the methods of social engineering.
Immediately after entering into the computer the code is run and collects data on the infected PC (browser, operating system, etc.). The information is then forwarded to a server where it is stored.
PandaLabs published a detailed study of Mpack, which can be accessed at: http://blogs.pandasoftware.com/blogs/images/PandaLabs/2007/05/11/MPack.pdf Any user who wishes to know whether his computer had been infected with this or that malicious code can use TotalScan or NanoScan beta, - free online solutions, which are available at: http://www.infectedornot.com





Windows Longhorn received official name – Server 2008 Software installation robot UnitedSetup 1.7
Featured
Hetman Uneraser Hetman Uneraser free download When your computer power suddenly goes off or you see a blue "screen of death", the first thought that comes to your mind is wh... Easy Graphic Converter Easy Graphic Converter free download Easy Graphic Converter is a powerful and easy-to-use graphic converter, image converter and thumbnails maker utility that can c... Easy Icon Maker Easy Icon Maker free download Easy Icon Maker is a small and easy-to-use all-in-one icon utility for icon making, editing, changing, extracting, and searchin... Ace CD Burner Ace CD Burner free download ACE CD Burner is a piece of software for burning MP3 or WAV files as CD audio that could be played on car CD player, CD discman... WMA To MP3 Converter WMA To MP3 Converter free download WMA To MP3 Converter was written for converting WMA to or from MP3/WAV files. So, with WMA to MP3 Converter, you may convert WM...
Interact
New programs Submit program Advertising Contacts Bookmark us
Now downloading
Score A Million World Capitals Pic-N-Pair Wacko Jacko Voodo Curse MSN Winks Uninstaller JustZIPit
Friendly SQL Friendly SQL free download Friendly SQL for Oracle is a lightweight, zero-configuration Oracle client featuring a SQL Editor an...
Blog categories
Software (4823)
Technology (576)
Entertainment (1541)
News blog
Crysis Warhead will have SDK Wrath of the Lich King will come out only on DVD Max Payne gets rated PG-13

Copyright © 2009 Software Pick Network. All rights reserved