What the Computer Virus Mebroot Can Do to Your Computer and Network Security

Posted on July 30, 2010

Botnets are becoming more prevalent as malware technologies become more capable. One of the trickier pieces of malware, which showed up back in 2008, is named Mebroot. This virus, which is still in the wild today, is a rootkit that alters a machine's Master Boot Record (MBR) so that it loads before the computer's operating system does, which protects it from desktop protection applications.

When prioritizing elements of enterprise network security, preventing malware such as a rootkit that conceals itself and permits complete control of the machine is of the highest priority. Mebroot alone is mostly harmless because it does not have any specific functions, but it becomes an enabler for other malware. The most virulent of these is Torpig, a massive botnet.

Torpig contains a number of different information-stealing pieces of malware that analyze the infected machine for credentials, accounts and passwords, and that can potentially give attackers full access to the system. In 2009, a team of researchers took control of the Torpig botnet for a period of ten days. During that period, they took in over 70GB of stolen information from botnet client systems.

Mebroot gets onto computers when a user browses a website with an older web browser that has not been updated to fix the vulnerabilities Mebroot uses to install itself on the user's system. A good way to find Mebroot is with a network-based detector, because the virus hides itself on the computer it is installed on, which may keep it from being found there.

Only some anti-virus applications can find and remove Mebroot. If a system is rebooting or acting infected, yet no virus shows up in a scan, fixing the Master Boot Record on the machine will remove Mebroot if it is installed. Searching the web for "Fix MBR" will turn up a few different ways to fix the Master Boot Record. After that is done, run a complete virus scan on the machine again to locate anything additional that was hidden.

The best approach is to prevent system infection by keeping browsers patched and by running both host-based and network-based malware detection systems that are constantly updated with real-time information, to stop any infection before it starts.

Get more information to help update your network security policy and defend against network security threats from your local IT Value Added Reseller that specializes in security.
