Thanks for this information, Amar.

I witnessed this kind of attack recently at the home of one of my friends.
The more important lesson to be understood now is that, in view of cyber
war or digital war, the malware being developed need not be sophisticated.
It can be as simple as can be. For example, a program of only 100 chars or
1 line can destroy a hard disk. The intention of malware in this digital war
shall be destruction of assets or information. The malware which I
witnessed was converting all the content to its own format and creating .lnk
folders/files with whatever names existed in the directories. And these .lnk
files are not links to the actual content but to a .scr-related file which
gets executed whenever you try to open any file/folder. This concept has full
scope to take control when compared to just the autorun.inf-based
infections. The interesting fact was that it was hiding the original content
without anyone knowing and auto-transferred/infected removable drives only.
It will not touch any of the HDD drives or subfolders etc., though it has its
own mechanism of activating itself and running continuously as a service,
shell and process.

In this case, data / information security and privacy / confidentiality are
even more important to every individual than everyone thought so far. Every
individual is responsible for everyone's security and privacy. One
recommendation that I would like to make to the entire team here is: start
testing your applications for vulnerabilities with malware
research/analysis in mind, because our objective shall be not just to secure
the application but also to find out the potential for exploitation by any
means, and the impact, by studying up-to-date cyber attacks / articles / etc.
Only this will reduce the potential for exploitation of any website and stop
the infecting/hacking of any systems/users.


Regards
Sandeep Thakur.
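
The shortcut pattern described in the message above (.lnk files that resolve to a .scr file instead of the original content), as an added detection example that is not part of the original message: a Python script that walks a mounted removable drive and flags such shortcuts. The byte-string heuristic, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Shell Link header: HeaderSize 0x4C, then the fixed LinkCLSID from MS-SHLLINK.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
# ".scr" as a file extension, in ANSI and UTF-16LE string fields (heuristic).
SCR_ANSI = re.compile(rb"\.scr(?![a-z0-9])", re.I)
SCR_UTF16 = re.compile(rb"\.\x00s\x00c\x00r\x00(?![a-z0-9]\x00)", re.I)

def references_scr(data):
    """True if the bytes are a shell link whose strings name a .scr file."""
    if not data.startswith(LNK_MAGIC):
        return False  # not a real shortcut, whatever its extension says
    return bool(SCR_ANSI.search(data) or SCR_UTF16.search(data))

def scan_drive(root):
    """Return sorted relative paths of .lnk files under root that name a .scr."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".lnk"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read(64 * 1024)  # shortcuts are small; cap the read
            except OSError:
                continue  # unreadable file: skip, do not abort the scan
            if references_scr(data):
                hits.append(os.path.relpath(path, root))
    return sorted(hits)

def build_sample_lnk(target):
    """Constructed sample: real header magic, zero padding, UTF-16LE target."""
    return LNK_MAGIC.ljust(0x4C, b"\x00") + target.encode("utf-16-le")

def demo():
    with tempfile.TemporaryDirectory() as root:
        samples = {  # constructed files, not captured from a real infection
            "Photos.lnk": build_sample_lnk(r"E:\placeholder.scr"),
            "Report.lnk": build_sample_lnk(r"E:\Report.docx"),
            "Notes.lnk": build_sample_lnk(r"E:\PLACEHOLDER.SCR"),
            "readme.txt": b"mentions .scr but is not a shortcut",
        }
        for rel, data in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        return scan_drive(root)
```

Point `scan_drive` at the mount point of the removable drive; a hit means the shortcut should be inspected, not opened.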
