IBM security researchers Qakbot Virus many Active Directory domains, the user can block his business found.
Active Directory is a directory developed by Microsoft for Windows domain network service. This process, and as a set of services for Windows Server operating system is included in most.
QakBOT virus attack was by banking malware. Malware first detected in 2009, it has been improving consistently. These companies know that their online bank account to escape targeted malware business. Malware features auto-sharing drives and removable media from the worms are replicating ability. This affects the system is capable of monitoring browser activities and finance related websites, all the data recorded.
IBM Active Directory blockages due to the impact of organizational network malware that is said for the first time.
“QakBot a modular and multi-threaded malware whose components online banking information theft, a backdoor functionality, a SOCKS proxy, comprehensive anti-search capabilities and anti-virus tools subvert the capacity (AV) is included. Your evasion techniques, given administrator privileges are in addition to the last point in the current version of the QakBot security software may disable running. ”
Malicious software QakBot banking holding dropper for dissemination and implementation of anti-virus to escape detection (10 to 15 minutes) to delay the delay function uses. The dropper and executes a process explorer.exe, for example, QakBot DLL, and then insert it delegates the original file.
Malware dropped once again to be repeated that uses a ping command to display the Ping utility. After completing the ping request, dropper main QakBot overwrites the contents of the order by the Windows Autoconv.exe.
QakBot virus or other malicious software to detect and identify, the organization of social engineering techniques to detect malware flexible solution to a real-time overview of the day, use and threat of scenario development should be addressed in earnest.