New malware exploiting Windows Autorun spreads


A new malware is now exploiting the AutoRun feature in computers running Microsoft Windows, despite recent patches that disable the feature, a security vendor reported.
 
Sophos said many antivirus vendors noticed a significant increase in infections despite the fact that Windows 7 and 8 will not launch Autorun.inf files.
 
"While the basic components of this malware have been around for some time, it has become considerably more aggressive in its latest iteration," Sophos' Chester Wisniewski said in a blog post.
 
He said the campaign infects PCs with the W32/VBNA-X worm, which exploits the autorun.inf files. Autorun.inf lets programs in removable media run automatically in Windows.
 
But Microsoft has released updates for Windows XP, 2003 and Vista since 2011 to disable Autorun and prevent infection.
 
Wisniewski theorized that while most modern PCs will ignore autorun.inf, infections may be occurring due to "clever social engineering, poor default settings and user carelessness."
 
He said cybercriminals may have created autorun.inf files for victims using unpatched PCs, and may be fooling them into clicking to open the malware.
 
The malware, which has an .exe extension, will try to hide file extensions so it can be disguised as another type of file, such as a .doc or .pdf file.
 
"I can easily see how people browsing file shares and USB drives could accidentally click the wrong folder, especially if the real folders are set to hidden," Wisniewski said.
 
On the other hand, he said W32/VBNA-X is polymorphic and will seek to hide itself from antivirus software.
 
Upon installation, the malware will contact a command-and-control server to receive further instructions, using port 9003 or 9004.
 
Wisniewski advised users to keep their anti-virus programs up to date, and ensure Autorun is totally disabled on all Windows operating systems.
 
"Make sure your standard Windows images and group policies are configured to show file extensions and hidden files," he added.  — ELR, GMA News
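The PowerShell below is an added example, not code from Sophos or from this article, that audits a Windows machine against the advice above: Autorun disabled, file extensions shown, hidden files shown, plus a listing of any autorun.inf on attached removable drives. The registry value names are the standard Windows ones; the expected values are this example's assumed baseline, and the function name is hypothetical.

```powershell
# Added example: audit the Explorer settings named in the advice above.
# Expected values are this example's baseline, not taken from the article.
$explorerPolicy   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$explorerAdvanced = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

$checks = @(
    # 0xFF (255) disables AutoRun on every drive type
    @{ Name = 'AutoRun disabled on all drive types'; Path = $explorerPolicy;   Value = 'NoDriveTypeAutoRun'; Expected = 255 },
    # 0 = show extensions; the worm described above tries to hide them
    @{ Name = 'File extensions shown';               Path = $explorerAdvanced; Value = 'HideFileExt';        Expected = 0 },
    # 1 = show hidden files and folders, 2 = do not show
    @{ Name = 'Hidden files and folders shown';      Path = $explorerAdvanced; Value = 'Hidden';             Expected = 1 }
)

function Test-RegistrySetting {   # hypothetical helper name
    param([string]$Name, [string]$Path, [string]$Value, [int]$Expected)
    # A missing key or value yields $null, which is reported as non-compliant
    $item   = Get-ItemProperty -Path $Path -Name $Value -ErrorAction SilentlyContinue
    $actual = if ($null -ne $item) { $item.$Value } else { $null }
    [pscustomobject]@{
        Check     = $Name
        Actual    = if ($null -eq $actual) { '(not set)' } else { $actual }
        Expected  = $Expected
        Compliant = ($null -ne $actual) -and ($actual -eq $Expected)
    }
}

$results = foreach ($c in $checks) { Test-RegistrySetting @c }
$results | Format-Table -AutoSize

# DriveType 2 = removable media; report any autorun.inf, including hidden ones
$removable = Get-CimInstance -ClassName Win32_LogicalDisk -Filter 'DriveType = 2'
foreach ($drive in $removable) {
    $inf = Get-Item -LiteralPath "$($drive.DeviceID)\autorun.inf" -Force -ErrorAction SilentlyContinue
    if ($inf) {
        Write-Warning "autorun.inf present on $($drive.DeviceID) ($($inf.Length) bytes, attributes: $($inf.Attributes))"
    }
}

# Non-zero exit code lets a scheduled task or management agent flag the host
if ($results.Compliant -contains $false) { exit 1 }
```

HideFileExt and Hidden are per-user values, so the script has to run in each user's session to cover every account on the machine.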