来在咖啡官方的消息:
Today, Xinhua News Agency reported the arrest of several suspectsbelieved to have been behind the creation and propagation of the W32/Fujacks file infector worm a.k.a infected files with the Panda icon.
In the article, the official Chinese media cited an announcementfrom the Public Security Department of the Hubei Province naming 8suspects including a 25-year old believed to be “WhBoy”, the infamousnickname that is embedded in most variants of W32/Fujacks.
Xinhua’s article in Chinese:
http://news.xinhuanet.com/legal/2007-02/12/content_5731540.htm
Throughout 2006 and continuing into 2007, McAfee Avert Labs has beenclosely monitoring the trends of cyber criminal activities in Asia. W32/Fujacks, amongst other profit-motivated multi-vector attacks, spiked in 2006 and looks to be a trend that will continue in 2007.
Between Q3 and Q4 2006, we saw a spike in the number of reportedvariants of Asian password-stealers and related trojans and fileinfectors. We blogged about this phenomenon with W32/HLLP.Philisvariants in November 2006. What is really beyond these raw figureshowever is the increasing sophistication of Asian malware threats.
Both W32/HLLP.Philis and W32/Fujacksare more than the usual file infectors. These are multi-vector threats,usually including an aggressive downloader that updates itselffrequently, can infect both executable and non-executable filesover insecure media such as open network shares and USB drives, thusslipping through the cracks of loosely managed IT policies. Oncesuccessful, trusted media files can be further infected with maliciouscode or hyperlinks through PE file infection, web-based exploits over HTML or media files targeted against unpatched and vulnerable applications.
This approach of attacks on multiple system and user vulnerabilitiesat multiple layers dramatically increases the criminal opportunitiesfor these malware authors. Indeed, we have seen a comparable rise innumber of associated password-stealer variants reported - aconsiderable source of revenue for the worm seeders.
The lack of law enforcement in China in cyber crime has often beenattributed for the rise in malware threats propagating from thisregion. It is encouraging to see the start of what appears to be theend of the first major case of cyber crime in China with these arrests.At the same time, enterprises need to consistently review and tightenup their current IT strategies to protect against the sophisticatedattacks of today. |
