National Computer Virus Center reminds:
According to the Xinhua News Agency, the National Computer Virus Emergency Treatment Center has found through Internet monitoring that many computer users have recently been threatened by a new variant of "Gray Pigeon" (Backdoor_greypigeon.asiy), and it reminds users to be on guard.
Experts say the variant is a reverse-connecting backdoor, and a reverse connection can bypass network firewall monitoring. The infected operating system actively connects to a remote website specified by the malicious attacker and obtains the IP address of the attacker's client from it. The malicious attacker operates the client, and the infected operating system acts as the server. The infected operating system then listens for the attacker's instructions, which gives the attacker remote control.
After the variant runs, it copies itself to the system directory of the infected operating system and sets the copy's attributes to hidden, system and read-only. At the same time, it creates some system services and modifies the registry so that it starts with the operating system. It also creates a new Internet Explorer (IE) browser process in the infected operating system, sets that process to hidden, and inserts the virus file itself into the process.
In addition, "Gray Pigeon" records the user's keyboard input in the background of the infected operating system, so a malicious attacker can steal personal and local system information from the user's computer and have it sent back to the attacker. In the end, the user's computer system can be remotely controlled, files can be maliciously deleted, and malicious program files can be automatically downloaded and uploaded remotely.
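The installation behaviour described above (a hidden, system, read-only copy in the system directory, an auto-start service pointing at it, and a hidden IE process) can be checked against an endpoint inventory. The following is an added example, not code from the advisory; the snapshot layout, the file name `example_dropped.exe`, the service name `ExampleSvc` and the system directory paths are constructed assumptions.

```python
import ntpath

# Windows file attribute bits (Win32 values)
READONLY, HIDDEN, SYSTEM = 0x1, 0x2, 0x4
HSR = READONLY | HIDDEN | SYSTEM
SYSTEM_DIRS = (r"c:\windows", r"c:\windows\system32")  # assumed install paths

def in_system_dir(path):
    return ntpath.dirname(ntpath.normcase(path)) in SYSTEM_DIRS

def triage(snapshot):
    """Return findings for the three behaviours the advisory describes."""
    findings = []
    # 1. Binaries in a system directory flagged hidden + system + read-only
    suspects = {
        ntpath.normcase(f["path"]) for f in snapshot["files"]
        if in_system_dir(f["path"]) and (f["attrs"] & HSR) == HSR
        and f["path"].lower().endswith((".exe", ".dll"))
    }
    findings += [("hidden_system_file", p) for p in sorted(suspects)]
    # 2. Auto-start services whose binary is one of those files
    #    (assumes image_path is a bare path without quotes or arguments)
    for s in snapshot["services"]:
        if s["start"] == "auto" and ntpath.normcase(s["image_path"]) in suspects:
            findings.append(("service_persistence", s["name"]))
    # 3. Internet Explorer processes running without a visible window
    for p in snapshot["processes"]:
        if p["name"].lower() == "iexplore.exe" and not p["window_visible"]:
            findings.append(("hidden_ie_process", p["pid"]))
    return findings

# Constructed sample inventory (not real telemetry)
SAMPLE = {
    "files": [
        {"path": r"C:\Windows\System32\notepad.exe", "attrs": 0x20},
        {"path": r"C:\Windows\example_dropped.exe", "attrs": 0x27},
        {"path": r"C:\Users\Public\desktop.ini", "attrs": 0x06},
    ],
    "services": [
        {"name": "ExampleSvc", "image_path": r"C:\WINDOWS\example_dropped.exe", "start": "auto"},
        {"name": "Spooler", "image_path": r"C:\Windows\System32\spoolsv.exe", "start": "auto"},
    ],
    "processes": [
        {"name": "iexplore.exe", "pid": 1204, "window_visible": True},
        {"name": "IEXPLORE.EXE", "pid": 3344, "window_visible": False},
    ],
}

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE):
        print(kind, detail)
```

A windowless IE process on its own can be legitimate automation, so the findings carry most weight when all three appear on the same host.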