September 24, 2014
The most affected countries are Mexico and Peru. The threat spreads through USB devices, allowing an easy and fast infection to other systems.
According to data from ESET, the VBS / Agent.NDH family is one of the threats with the highest spread rate in Latin America. The countries most affected worldwide correspond to this region, concentrating almost 60% of detections so far in 2014.
Nine of the fifteen countries with the highest detections of this family of malicious codes are from Latin America, with Mexico and Peru leading the ranking worldwide:
It is a worm with spreading capabilities similar to those of the Win32 / Dorkbot family, which has the ability to infect USB devices. ESET security solutions detect this threat as VBS / Agent.NDH. It is developed in Visual Basic Script (VBScript) and affects Windows operating systems.
This threat reaches a system as a file downloaded by other malware or when a user visits a malicious website and unknowingly downloads the malicious code. It also infects removable storage devices that are attached to or connected to the infected system.
The propagation of threats through USB devices and the use of direct links is a profitable technique for cybercriminals who bet on the ignorance of the user to infect their systems.
This spreading technique is detected by ESET products such as LNK / Agent.AK.
This worm can use the victim’s computer to “click” on advertisements with or without the victim’s permission, thereby increasing the popularity of a website or application that the attacker manages to earn money.
These types of actions are related to Black Hat SEO techniques with which attackers seek to position different sites among the first results of search engines. Among its capabilities is the possibility of sending orders and commands to carry out different actions remotely, which makes the team part of a botnet.
“It is a threat that performs several actions on the system and that are really significant. Its ability to spread through USB devices makes it very easy and fast to infect other systems, which shows that this method of propagation through direct access continues to be a trend today, ”said Pablo Ramos, security specialist at ESET Latin America. “We can even see that over the years, this continues to be an effective method of infection, which is due to the fact that users frequently overlook that removable devices are vectors for the spread of threats, and therefore do not take the necessary precautions to combat threats of this type. For this reason, it is important that they remember to have an updated security solution on their computers ”.
[+] Videos de nuestro canal de YouTube