There’s a new worm in town. It’s known as the “Morto Worm”. It uses Remote Desktop Protocol (RDP) to get around. In fact, this is the first worm to utilize that protocol.
“Once a machine gets infected, the Morto worm starts scanning the local network for machines that have Remote Desktop Connection enabled,” explains F-Secure. “This creates a lot of traffic for port 3389/TCP, which is the RDP port.”
Once a machine is found, the worm tries a brute-force attack to gain access to the administrator account of the target system. It does this by trying 30 or so common passwords such as admin, password, 111111, 12345, etc.
Once the target system is compromised, the worm then proceeds to download additional information to update its components via a remote server. In addition, it also disables onboard security applications to ensure it doesn’t have any interference.
According to Microsoft, Morto’s main functionality seems to be launching DDoS attacks against attacker-specified targets.
Not only is Morto capable of infecting both Windows workstations and servers, but having a completely patched system doesn’t offer any protection. Morto doesn’t rely on exploiting vulnerabilities to get access. Instead, it relies on the existence of weak administrator passwords.
In addition to making sure that your AntiVirus solution is up-to-date, it is also recommended that users change their administrator password, or disable RDP if it’s not required.
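The scanning behaviour F-Secure describes shows up in connection logs as one internal machine contacting many different hosts on 3389/TCP within a short time. The Python below is an added example, not code from the original post or from F-Secure or Microsoft; the log format, the addresses, the 60-second window and the threshold of 10 hosts are all assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

RDP_PORT = 3389
# Assumed thresholds for this example; tune them to the monitored network.
WINDOW = timedelta(seconds=60)
MAX_DISTINCT_TARGETS = 10


def build_sample():
    """Constructed flow records: 'ISO-timestamp src dst dport'."""
    base = datetime(2024, 1, 1, 9, 0, 0)  # constructed timestamp
    lines = []
    # Host sweeping 40 neighbours on 3389/TCP, one connection per second.
    for i in range(1, 41):
        ts = (base + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 10.0.0.23 10.0.0.{100 + i} 3389")
    # Admin workstation opening two ordinary RDP sessions.
    lines.append(f"{base.isoformat()} 10.0.0.5 10.0.0.200 3389")
    lines.append(f"{(base + timedelta(minutes=5)).isoformat()} 10.0.0.5 10.0.0.201 3389")
    # Busy web client: many destinations, but not on the RDP port.
    for i in range(1, 31):
        lines.append(f"{base.isoformat()} 10.0.0.8 192.0.2.{i} 443")
    return lines


def find_rdp_scanners(lines, window=WINDOW, threshold=MAX_DISTINCT_TARGETS):
    """Return {src: peak count of distinct 3389/TCP destinations per window}."""
    per_src = defaultdict(list)
    for line in lines:
        ts, src, dst, dport = line.split()
        if int(dport) == RDP_PORT:
            per_src[src].append((datetime.fromisoformat(ts), dst))
    flagged = {}
    for src, events in per_src.items():
        events.sort()
        start = best = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, len({dst for _, dst in events[start:end + 1]}))
        if best > threshold:
            flagged[src] = best
    return flagged


if __name__ == "__main__":
    for src, count in find_rdp_scanners(build_sample()).items():
        print(f"{src}: {count} distinct RDP targets within {WINDOW}")
```

Only the sweeping host is reported; the administrator's two RDP sessions and the web client's port 443 traffic stay below the threshold or are ignored.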
A while back, I blogged on a new email making the rounds that informed the recipient that they were caught speeding, and that the ticket was attached to the email. Well, this particular email has just been bumped to MALWARE status. In this new email, once the attachment is opened, it opens a connection to a Russian website, and proceeds to download more Mal-Ware. Just what we need, more Mal-Ware!
The long and short of it is, keep your anti-virus up to date, and be ever vigilant when it comes to your email.
NSS Labs recently conducted a global test from May 27 through June 10 of this year, in which 5 of the most popular web browsers were evaluated to see which one was the best at identifying and intercepting attacks aimed at making the user download Internet-based Mal-Ware.
IE9, Chrome 12, Firefox 4, Safari 5, and Opera 11 were each tested with 1188 malicious URLs.
The results for IE9 were almost perfect, with a whopping 96% blocked with its “URL Reputation Filter” enabled, and another 3.2% blocked when its “Application Reputation Filter” was activated.
The results for the rest of the browsers paled in comparison.
Chrome – 13.2% blocked
Firefox – 7.6% blocked
Safari – 7.6% blocked
Opera – 6.1% blocked
However, there was good news. Internet Explorer, Chrome & Opera showed an improvement over last year’s results of the same test.
To read the entire document published by NSS Labs, click here.
Slowcomputeritis is a serious problem. Many people and organizations suffer from its harmful effects daily. Thankfully, we have found a cure.
At TSG Computer Services, we have seen more than our fair share of slow computers. But once we are finished with them, they run faster than ever. This is from a satisfied customer: “….my laptop seems more efficient and quieter than when I got it brand new; runs like a well conditioned athlete now.”
People often think that a slow computer is indicative of a failing computer. Sometimes it is, but more often than not, it just needs to be cleaned up. A PC is not unlike a car, in that it needs regular maintenance for it to perform its best. Without regular maintenance, a PC can become so slow that it literally starts to fail. We have seen 2 year old systems that were inundated with so much crap, that they took forever to perform the simplest of tasks. Systems that had 20+ viruses, and over 500 pieces of malware on them. When a computer is in this state, productivity comes to a grinding halt. Our job is to bring these systems back to life, and make productivity losses a thing of the past.
Unfortunately, the computer service industry has been forced into a “fix it and forget it” mentality. People assume that because a computer is fixed, it will stay fixed (at least until the next time it breaks). What people don’t realize is that a lot of computer problems like computer slowdowns, viral infections and some system errors can be eliminated. All these problems stem from one thing. Malware.
Malware is defined as MALicious softWARE (spyware, rogueware, phishing, spear phishing, ransom-ware). Once these programs are on your system, they often invite/download other programs to your computer as well. Unfortunately, you’ll never notice your computer getting slow until you are seriously infected with many MALWARE programs. At this point your computer is SICK. Time to call the Doc. What if the Doc could be avoided by some preventative medicine?
That is exactly what we offer our clients. A scheduled preventative measure that ensures that your PC(s) are not only MALWARE and VIRUS free, but also optimized to ensure productivity never takes a back seat again.
If this interests you, contact us today. $1000.00 on a new system is a lot of money to waste.