Posts Tagged ‘Nitol’

Nitol botnet is distributed with a downloadable file that contains the DLL module.

Microsoft has analyzed the source code of the Nitol botnet, whose operation was recently stopped in "Operation b70". Recall that during the operation, employees uncovered a scheme in which the attackers spread the virus as early as the computer production stage, so that some buyers in China purchased equipment with the botnet client already installed.

Expert analysis indicated that the Nitol family of viruses is probably part of the general class of DDoS tools. Many variants of this virus contain elements copied from other malicious programs used to organize distributed denial-of-service attacks.

Most of the Nitol modifications detected in the study have two main components: an executable loader and a library component. When run on a system, the loader installs the DLL, in most cases extracting it from its own resources, and registers it as a service or driver. Some library modules run immediately after installation, when the executable calls the DLL's main function, and some run only after a reboot. (more…)

As the experience of one Chinese resident shows, getting infected by a computer virus no longer requires opening suspicious links or visiting porn sites. In some cases, computers are sold with pre-installed malware. A resident of Shenzhen bought a new laptop. As soon as he turned the computer on, it began to live a life of its own: it began searching the Internet for other computers in order to become part of a hacker network used for attacks on sites, hacking bank accounts and stealing users' personal data.

The virus activity was identified immediately because the laptop's owner was a member of a Microsoft team investigating the sale of counterfeit software. The team later discovered similar viruses on four new laptops. (more…)