Stay Alert As New Digital Plagues Are Spreading

Posted: February 13, 2014 in IT Security News

The black-market virus business is raging again: keep your eyes open as two sophisticated threats paralyze computers worldwide.

Kaspersky Lab specialists have reported discovering a range of unique capabilities in the Careto virus: this new spawn of evil infects computers regardless of the operating system installed. A Trojan by its very nature, Careto carries a myriad of modules in its malicious code, which allows it to be modified effortlessly. Careto takes a special interest in credentials, passwords, encryption keys, network connection data and much else. The virus was given this name because the word ‘Careto’, which means ‘mug’ in Spanish, appears in its code. So far, infections are known on both Windows and Mac OS devices.

According to experts, the virus code and its distribution mechanism allow it to infect machines running Linux, iOS and Android. The targeted attack has hit a total of 380 important targets in over 31 countries. According to analysts, Careto is aimed at state organizations, diplomatic offices and embassies, large companies, research organizations and political activists. However, the approximate number of infected users has not yet been announced.

Careto is distributed via phishing: the user receives a link to a video, clicks on it and is redirected to a phishing site, where the virus infects the computer. The malicious site detects the victim’s operating system and the appropriate version of the virus is deployed. To further mask the infection, the user is sent on to the video once the job is done.

Careto virus code

After some time, the virus intercepts all communication channels and collects a variety of data from the computer: documents, settings, passwords and heaps of other stored information. Furthermore, thanks to its modular structure, Careto can load the components it needs to perform other malicious tasks. The virus is also savvy at hiding traces of its presence, and it actively exploits vulnerabilities in software, even in antivirus products.

The extremely smart design of the virus, in conjunction with its pinpoint attacks, has prompted experts to suggest that Careto is an expensive, professional development designed for espionage purposes. The use of a Spanish name could either serve as a decoy or genuinely point to Spanish roots, which does no more than narrow the circle of potential creators to several regions.

Careto Virus Countries

Image source: http://www.kaspersky.com/

The nightmare is not over

Unfortunately, Careto is not the only reason to worry. Emsisoft antivirus developers have discovered a new type of threat that infects computers and turns them into Bitcoin miners. The malicious program has been named Trojan-Ransom.Win32.Linkup.

Bitcoin mining is an extremely resource-intensive process that consumes the lion’s share of a PC’s performance and hinders its work. Linkup is designed to get onto the victim’s computer under the guise of a harmless program. The virus can take the form of a software upgrade, a file or any other executable. After the first launch, Linkup repeatedly copies itself, spreads throughout the system and begins generating Bitcoins.

There are also reports of a huge number of computers infected with a so-called ‘locker’ virus that serves as a Linkup distributor. This ‘locker’ takes control of Internet access and leads the victim to fake websites. Such a site displays a message that accuses you of viewing inappropriate content and demands a fine, which is supposed to be paid with the user’s credit card. In addition to blocking Internet access and stealing credit card data, the virus also establishes a Linkup ‘backoffice’. In this regard, experts recommend not running programs, archives and other files that come from doubtful senders or arouse suspicion.
