Windows worm numbers 'skyrocket'

Jan 19, 2009, 19:04 (32 Talkback[s])

"According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code.

"It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service."
Funny how the elderly Unix system of file permissions and ownership foils this sort of attack quite neatly. Oh wait I forgot, malware authors only attack The Most Popular OS--ed.

Complete Story

Related Stories:

• Editor's Note: Instead of Throwing Everyone In Jail, Fix Your Lousy Products(Dec 06, 2008)
• Virus Hits Nearly 75% of Systems on Afghanistan Military Base(Dec 03, 2008)
• cRAZY mAD wITH spam(Nov 16, 2008)
• Researchers Hijack Storm Worm to Track Profits(Nov 11, 2008)
• The Cyber Crime Hall of Fame(Sep 10, 2008)
• Password Stealing Worm Catches NASA Napping: Houston, we have a virus.(Aug 28, 2008)
• Trend Micro: Antivirus Industry Lied for 20 Years(Jul 17, 2008)