New Virus on the Prowl - Sality.AO
Sality.AO uses some techniques that haven’t been seen for years, such as EPO or Cavity, according to a recent report released by Panda Security’s lab.
EPO allows part of a legitimate file to be run before infection starts, making it difficult to detect the malware. Cavity involves inserting the virus code in blank spaces within the legitimate file’s code, making it both more difficult to locate and to disinfect infected files.
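A triage heuristic for the cavity technique described above, as an added example that is not from the Panda report: it reads a PE file's section table and flags sections whose alignment padding (raw bytes beyond the section's virtual size) is not blank. The function names, the `min_bytes` threshold and the sample buffer are constructed assumptions; a hit is a reason to look closer, not proof of infection.

```python
import struct

def filled_cavities(data, min_bytes=16):
    """Return [(section_name, nonzero_bytes)] for sections whose file-alignment
    padding (SizeOfRawData beyond VirtualSize) holds non-zero bytes."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsections, = struct.unpack_from("<H", data, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size          # section table follows the headers
    hits = []
    for i in range(nsections):
        off = table + 40 * i                  # each section header is 40 bytes
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _va, raw_size, raw_ptr = struct.unpack_from("<4I", data, off + 8)
        if vsize >= raw_size:
            continue                          # no padding in this section
        pad = data[raw_ptr + vsize:raw_ptr + raw_size]
        used = len(pad) - pad.count(0)        # a clean linker leaves zeros here
        if used >= min_bytes:
            hits.append((name, used))
    return hits

def build_sample(pad_fill):
    """Constructed PE-like buffer (not a real sample): one .text section with
    0x200 raw bytes, 0x120 in use, and 0xE0 padding bytes set to pad_fill."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sect = b".text\0\0\0" + struct.pack("<4I", 0x120, 0x1000, 0x200, 0x200)
    sect += b"\0" * 12 + struct.pack("<I", 0x60000020)
    headers = (dos + coff + sect).ljust(0x200, b"\0")
    return headers + b"\x90" * 0x120 + bytes([pad_fill]) * 0xE0

if __name__ == "__main__":
    print("blank padding :", filled_cavities(build_sample(0x00)))
    print("filled padding:", filled_cavities(build_sample(0xEB)))
```

Packers, appended overlays and some linkers also leave non-zero padding, so results are best compared against a known-good copy of the same file.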
The virus is not restricted to infecting files; it can also propagate across the Internet, directing the browser without the user’s knowledge to a malicious page, according to the report.
"As we forecast in our annual report, the distribution of classic malicious code such as viruses will be a major trend in 2009," said Luis Corrons, technical director of PandaLabs.