Network worm threatens enterprise security

Date: 11 July 2006
(ICT World)
If you are used to sharing data over the Internet or your enterprise's intranet, exercise caution! A network worm that will bring dangerous Trojans to your computer is on the prowl.

Security analysts at MicroWorld Technologies say that 'Win32.Detnat.a' is a network worm that infects uncompressed Portable Executable (PE) files. With its unique algorithm and polymorphic nature, the worm employs a different mode of encryption each time it infects a file, while keeping the file size unchanged, making it hard to detect.

Detnat.a spreads through shared network resources and file sharing programs. At the second level of attack, the worm downloads 'Infostealer.Lineage', a Trojan that steals usernames and passwords for the popular online game 'Lineage' and passes them on to the remote attacker. With its dynamic nature, Detnat can bring in any other Trojan as well, if the writer of the worm decides to.

One needs to be extremely careful while downloading executable attachments via e-mails or from the Internet, says Aneesh Paliwal, security analyst at MicroWorld Technologies. A single infection in a workstation can proliferate in shared networks in no time. People using file sharing programs are particularly vulnerable to this mode of data corruption and theft.

Individual users and subgroups can freely exchange files in the internal networks of most organisations. This makes it easier for the spreading routine of a worm like Detnat. If the worm stations itself in the start-up folder of a workstation connected to a network, then it will come back every time that computer reboots, even if one cleans up the entire network. In a more targeted operation, an attacker hitting the server can ensure that every user logging on to that server gets infected, points out Paliwal.

A large number of new and emerging viruses and worms are targeting enterprises and their external and internal networks, to carry out a whole lot of nefarious activities, observes Govind Rammurthy, CEO of MicroWorld Technologies. Often, malware creeps in through those vulnerabilities that we tend to overlook. One needs to safeguard the corporate e-mail system, intranet and total Internet access with great vigil as network infections can severely impact the business continuity of enterprises.