According to news reports from the US, the ChangeUp worm is a fast-spreading attack designed to spread via network shared drives. Once systems are infected with ChangeUp, the worm contacts a remote server to download additional malware, which can range from banking Trojans to keystroke loggers designed to record keystrokes to steal account credentials. ChangeUp also was programmed to dynamically generate URLs to download its malware payload. The malware author behind the attacks constantly changes it in an effort to evade detection by antivirus and network security appliances. Symantec and several other security firms warned in November that a new variant was detected spreading in the wild.
- REGINE HARTMANN
- InfoSecurity
- Posted On