If you are still running an unpatched installation of the latest versions of Windows, you could potentially be at risk — high risk. A new form of malware has reared its ugly head, one that exploits a four-year-old Autorun bug on Windows 7 and Windows 8.
Several security companies have let out warnings that an ever-increasing number of computers are getting infected with this malware.
The main component of the malware is W32/VBNA-X, though variants including W32/VBNA-U, W32/VBNA-Z, W32-VBNA-AA and W32/VBNA-AB have also been spotted — in true Hydra fashion.
Security firm Sophos warns that the infection is triggered when a portable media storage device (for example a USB flash drive) is inserted by a user on his computer. Worse yet, that’s not the only way it spreads.
Once the infected file is clicked, the malware is also known to spread through networks. The malware has also been traced to spread infected files on Facebook, creating executable files on target computers using adult names, tricking users into clicking them.
After affecting a computer, the malware connects to a command-and-control server in an attempt to download even more Trojans and malicious software, as it steals banking and financial data on the infected computer. Chester Wisniewski over at Sophos states:
“It appears to be a cocktail of clever social engineering, poor default settings and user carelessness. You would hope this technique wouldn’t be too effective on today’s PCs, though. While the basic components of this malware have been around for some time, it has become considerably more aggressive in its latest iteration”.
Users are recommended to not just update their security software, but also disable the Windows Autorun feature to be on the safe side:
“Ensure Autorun is totally disabled on all Windows operating systems and block all outbound connections to unknown ports and services on your gateway and client firewalls”.
The lengths cybercriminals go fulfill their vile plans.