Jinshan Poison PA anti-Virus engineers forecast the security situation in May, in which the rogue behavior of IE homepage modification, the virus transmission retro phenomenon and the third party software vulnerability threat became the main trend in the May.
Malicious programs that modify IE homepage can grow significantly
In April, revealing the growth of the IE Homepage modified virus, May is likely to be a more large-scale outbreak. These viruses may be a separate section of maliciously modified code, and may be in the form of rogue software. But they modify the IE home page, the user to guide the motivation of a particular page, is nothing more than a "profit" word.
By helping to promote these specific websites, virus writers can get valuable commissions, the more computers that are modified, the more users are forced to browse those sites, and the more traffic they get. Accordingly, the virus author can get more commission also.
In order to ensure their long-term presence of computer systems, these malicious programs will continue to evolve the ability to resist, more and more use of driver-level changes, so that ordinary security software difficult to repair.
There may be a retro phenomenon in the way the virus spreads
In the past few months, the web-hung horse has been a popular virus-loving way to promote the virus, its efficient automatic attack, for the virus gangs in exchange for huge illegal profits. However, this practice aroused the anger is also quite large, netizens scold sound, the security manufacturers have launched a special tool to prevent the horse, quickly compressed the web page hanging horse "living space."
Jinshan Poison PA found that in this case, some traditional virus promotion means to start "recovery", such as the virus and ordinary files bundled, or in the game plug directly embedded malicious code. Although the traditional methods of the promotion of low efficiency, but if the clever use of social hot events to attract users to download the "bait", then the virus group can still catch a sum.
However, as long as users pay attention to each download after the first scan with antivirus software downloaded files, security is still guaranteed. Moreover, we should continue to be vigilant about the spread of horses.
Third-party software vulnerabilities worth paying attention to
The same is due to the vulnerability of Web pages to the compression of space, and some other virus groups are likely to look to the third party software vulnerability mining. In the last days of April, messages about Nokia's operating system vulnerabilities and Storm-AV 0day vulnerabilities began to spread through hackers ' circles, which could be used to test the phone bank's password indefinitely, which could be used to embed malicious code in video.
Theoretically, there are 0day vulnerabilities in any software, and the problem is who will find it first. If the software developers, then the relevant patches will soon release, blocking loopholes, the user's loss to the lowest, and if the hacker organization first discovered, then the software users will be reduced to the slaughter of the broiler-delicious, lucrative.