태터데스크 관리자

도움말
닫기
적용하기   첫페이지 만들기

태터데스크 메시지

저장하였습니다.

'Downadup'에 해당되는 글 1건

  1. 2009.06.05 [Symantec] The Downadup Codex Edition 2.0
악성코드자료2009.06.05 14:34


http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_downadup_codex_ed2.pdf


사용자 삽입 이미지

It seems that the Downadup family of worms is gone but not forgotten. Or is it the other way around?

Media attention for Downadup has waned since early April. The last variant of the threat, W32.Downadup.E, included a “self-destruct sequence” effectively deleting itself as of May 3, 2009. Has the death toll for Downadup chimed, effectively moving it to the historical annals of malicious code?

Not in the least—Downadup is still very much alive and kicking around out there. While the threat is no longer spreading with the same fervor as it did at the beginning of the year, its infection numbers are not falling off as you would expect if we were looking at the cleanup period of a has-been threat. Let’s take a look at some rough data that we’ve collected here in Security Response.

This data represents the number of new Downadup infections reported to our sensors per day. We’ve started from May 3, the day W32.Downadup.E removed itself from the computers it compromised and the last high-profile activity by the threat.  Notice that while there is a slight decline over the month, the numbers remain quite steady.

The point here is that Downadup is just as relevant today as it was during the peak of media attention. With that in mind, we have compiled another edition of The Downadup Codex. Once again, it compiles the blog entries that we have written, including eight new ones. We’ve also updated the historical introduction to bring us up-to-date. Finally, we’ve added two new appendices to the codex, one that details the various features of each variant, and one that offers advice on how to find Downadup infections.

While possibly forgotten, but not gone, Downadup still needs attention in order to be properly moved from today’s threat landscape to the annals of malicious code. With that in mind, we present The Downadup Codex, Edition 2.0.

Posted by viruslab