How much of a problem has Ramnit malware caused for your company?

ablake

I haven't seen any examples of Ramnit, the malware that is the current Facebook spread virus/worm, infecting our machines, but given the number of people who use Facebook and the number of those who are shockingly careless, I assume it is a matter of time. How much of a serious threat has Ramnit proved to be so far?

Topic: Security

Answers

1 total
jimlynch
Vote Up (21)

I'm on Macs and Linux, so I haven't had a problem with it yet. It seems to be hitting Windows users though. Here's a background article on it for those who might not be aware of it. It certainly seems like something to be avoided if at all possible.

Part virus, part botnet, spreading fast: Ramnit moves past Facebook passwords
http://arstechnica.com/business/news/2012/01/part-virus-part-botnet-spre...

"First sighted by researchers in 2010 in its initial form, Ramnit spreads by attaching itself to Windows executable files (.EXE, .SCR and .DLL files) as well as to HTML documents. In some variants spotted earlier this year by Microsoft researchers, it also attached itself to Microsoft Office documents. Versions have also been spotted that install themselves onto USB drives when they're connected, and create an Autorun script that launches the virus' installer when the drive is plugged into another PC.

Ramnit infections exploded in the summer of 2011. According to a report from Symantec, Ramnit accounted for over 17 percent of the malware blocked by the company's antivirus software in July. Researchers at the security firm Seculert found through the installation of a "sinkhole" that between September and December of 2011, over 800,000 individual Windows PCs were infected with the virus and reporting back to a command and control network.

However it arrives on a victim's PC, the virus runs an installer that unpacks Ramnit's payload on the system, changing Windows' registry file to automatically launch the malware at startup. Ramnit uses a hidden browser instance to create a communications link, establishing a connection to a hacker's command and control network. It can then load modules that inject JavaScript and HTML into web browser sessions on the infected machine—a capability borrowed from the Zeus botnet, Klein told us."
