How much of a problem has Ramnit malware caused for your company?

ablake

I haven't seen any examples of Ramnit, the malware that is the current Facebook spread virus/worm, infecting our machines, but given the number of people who use Facebook and the number of those who are shockingly careless, I assume it is a matter of time. How much of a serious threat has Ramnit proved to be so far?

Topic: Security

Answers

1 total
jimlynch
Vote Up (20)

I'm on Macs and Linux, so I haven't had a problem with it yet. It seems to be hitting Windows users though. Here's a background article on it for those who might not be aware of it. It certainly seems like something to be avoided if at all possible.

Part virus, part botnet, spreading fast: Ramnit moves past Facebook passwords
http://arstechnica.com/business/news/2012/01/part-virus-part-botnet-spre...

"First sighted by researchers in 2010 in its initial form, Ramnit spreads by attaching itself to Windows executable files (.EXE, .SCR and .DLL files) as well as to HTML documents. In some variants spotted earlier this year by Microsoft researchers, it also attached itself to Microsoft Office documents. Versions have also been spotted that install themselves onto USB drives when they're connected, and create an Autorun script that launches the virus' installer when the drive is plugged into another PC.

Ramnit infections exploded in the summer of 2011. According to a report from Symantec, Ramnit accounted for over 17 percent of the malware blocked by the company's antivirus software in July. Researchers at the security firm Seculert found through the installation of a "sinkhole" that between September and December of 2011, over 800,000 individual Windows PCs were infected with the virus and reporting back to a command and control network.

However it arrives on a victim's PC, the virus runs an installer that unpacks Ramnit's payload on the system, changing Windows' registry file to automatically launch the malware at startup. Ramnit uses a hidden browser instance to create a communications link, establishing a connection to a hacker's command and control network. It can then load modules that inject JavaScript and HTML into web browser sessions on the infected machine—a capability borrowed from the Zeus botnet, Klein told us."
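
The quoted article says some versions drop an Autorun script onto USB drives; a defender can triage a drive's `autorun.inf` for entries that start a program. The following is an added example, not part of the original post or the article. The sample file contents, function names and the choice to flag only the three file types the article names are assumptions made for illustration.

```python
import os
import re

# Keys in the [autorun] section that make Windows start a program.
LAUNCH_KEYS = {"open", "shellexecute"}
SHELL_COMMAND = re.compile(r"^shell\\[^\\]+\\command$", re.IGNORECASE)
# File types the quoted article says Ramnit attaches itself to.
TARGET_EXT = re.compile(r"\.(exe|scr|dll)\b", re.IGNORECASE)

# Constructed samples for illustration, not taken from a real infection.
SAMPLE_SUSPICIOUS = r"""; constructed sample
[AutoRun]
open=RECYCLER\setup.exe
icon=%SystemRoot%\system32\shell32.dll,4
shell\explore\command=RECYCLER\setup.exe
label=Backup
"""
SAMPLE_BENIGN = "[autorun]\nicon=vendor.ico\nlabel=Vendor Tools\n"


def launch_directives(text):
    """Return (key, command) pairs in [autorun] that start a program."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.lower() in LAUNCH_KEYS or SHELL_COMMAND.match(key):
            findings.append((key.lower(), value))
    return findings


def triage(text):
    """Add a flag for commands naming an .exe, .scr or .dll file."""
    return [(k, v, bool(TARGET_EXT.search(v))) for k, v in launch_directives(text)]


def check_root(root):
    """Triage autorun.inf in a mounted drive's root; [] if there is none."""
    path = os.path.join(root, "autorun.inf")
    if not os.path.isfile(path):
        return []
    with open(path, encoding="utf-8", errors="replace") as fh:
        return triage(fh.read())
```

Display-only keys such as `icon` and `label` are ignored, so a drive that only sets a custom icon produces no findings.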
