If you are used to sharing data over the Internet
or your enterprise's intranet, apply caution! A network
worm that will eventually bring in dangerous Trojans
to your computer, is on the prowl.
Security Analysts at MicroWorld
Technologies inform that 'Win32.Detnat.a' is a
Network worm that infects uncompressed PE (Portable
Executable) files. With its unique algorithm and polymorphic
nature, the worm employs a different mode of encryption
each time it infects a file, while keeping the file
size unchanged, making it hard to detect.
Detnat.a spreads on shared network resources and
file sharing programs. At the second level of attack,
the worm goes ahead and downloads 'Infostealer.Lineage',
a Trojan that steals usernames and passwords of popular
online game 'Lineage' and passes it on to the remote
attacker. With its dynamic nature, Detnat can invite
any other Trojan as well, if the writer of the worm
decides so.
"One needs to be extremely careful while downloading
executable attachments via emails or from the Internet,"
said Aneesh Paliwal, Security Analyst, MicroWorld
Technologies. "A single infection in a workstation
can proliferate wide in shared networks in no time
and people using file sharing programs are particularly
vulnerable to this mode of data corruption and theft."
Individual Users and subgroups can freely exchange
files in the internal networks of most organizations.
This makes it easier for the spreading routine of
a worm like Detnat. If the worm stations itself in
the startup folder of the workstation connected to
a network, then it will come back every time when
that computer reboots, even if one cleans up the entire
network. In a more targeted operation, an attacker
hitting the Server can ensure that every user logging
on to that Server gets infected, pointed out Aneesh
Paliwal .
In March, MicroWorld had reported about the Antinny
worm which infects the Japanese file sharing program
Winny. Top-secret military information, business documents
of hundreds of corporate firms, confidential data
of 'Liberal Democratic Party' and a thousand others
were all floating over the Internet, creating an enormous
flood of information leakage in Japan, thanks to Antinny.
"A large number of new and emerging Viruses
and worms are targeting enterprises and their external
and internal networks, to carry out a whole lot of
nefarious activities," observed Govind Rammurthy,
CEO, MicroWorld Technologies.
"Often, malware creeps in through those vulnerabilities
that we tend to overlook. One needs to safeguard the
corporate email system, intranet and total Internet
Access with great vigil as network infections can
severely impact the Business Continuity of enterprises."
MicroWorld
MicroWorld (www.mwti.net
) is the developer of the world's first Real-Time
Anti-Virus and Content Security software eScan
for desktops and servers. Its communication security
software,
MailScan is the first comprehensive e-mail
scanner for your SMTP/POP3 Mail Server. MicroWorld
Winsock Layer (MWL) is the revolutionary technology
underlying these products, powering them to several
certifications and awards by some of the most prestigious
testing bodies, notable among them being Virus Bulletin,
Checkmark, TUCOWS, Red Hat Ready, and Novell Ready.
Combining their powerful scanner with MWL technology,
MicroWorld solutions provide a Real-Time Proactive
security for your systems. For network security of
enterprises, eConceal Firewall is the latest powerful
offering from MicroWorld.
To learn more, kindly visit http://www.mwti.net.
