Zombie Network infected enterprise intranet Jinshan poison PA in time to intercept

Foreign media reports that the Ropian worm (alias Kolab worm) is spreading badly. After infection Ropian worm virus LAN communication is disturbed, normal computer is induced to download backdoor program, make intranet become part of Hacker Zombie Network, to Enterprise, institution, school net security poses a serious threat. Jinshan Poison tyrants in early September can be killing.

Figure intranet infected with Ropian worm, normal computer will be forced to download backdoor program

Jinshan Poison PA Safety Center on the Ropian Worm did a detailed analysis: found that the main transmission of Ropian worm is the local area network set up a server, luring the normal computer browser download worms to achieve automatic transmission. At the same time, the virus will also be in the U disk and other Removable storage media created from the boot file.

Virus by creating additional printer services to achieve the automatic operation after each boot, because each computer poisoning, will run some usually only the server to provide the function, poisoning network will appear frequent communication failures: such as slow speed, frequent drop line, can not get the normal IP address, Poisoning the computer's firewall configuration has been modified and other phenomena.

Since the final download of the target virus is fully controlled by the cloud, the virus propagator can adjust at will, the Jinshan poison PA Antivirus Center monitoring in early September to detect the Ropian worm will download more dangerous Tdss rootkit back door. TDSS Rootkit had appeared a few years ago and was quite difficult to clear.

In foreign countries, TDSS rootkit back door has infected millions of computers, built a huge botnet, previously mainly with some large commercial software registration machine, cracked patches to spread. The goal of TDSS rootkit to build botnets is not clear enough, with security experts thinking the main purpose is to collect business intelligence and randomly click on ads to make a profit. You can also perform more dangerous or complex tasks, such as DDoS attacks on other networks, allowing computers to be remotely controlled by hackers, and so on.

For Chinese netizens, often encounter rogue software or Trojan horse, those who have the technical content of the worm is not very common. Jinshan Poison PA Safety experts believe that, due to netizens generally lack of knowledge of the Ropian worm, the worm into our country, it may have a more serious impact: just as exotic species suddenly reached a suitable growth environment, only a short period of time may cause ecological disaster.

Jinshan security experts judged by the Ropian worm virus is the biggest, is the enterprise, government agencies, large and medium institutions and other units of the local area network. Jinshan safety experts recommend enterprise network management highly vigilant Ropian worm, Jinshan poison pa can intercept and killing in early September.