Presentation by Dmitry Bestuzhev, Senior Analyst for Latin America at Kaspersky, on "Top Malware - June 2009".
Copyright 2009. All Rights Reserved. June 16, 2009
Top Malware – May 2009
Dmitry Bestuzhev
Senior Analyst for Latin America
June 2009
Top 20 malware in May 2009

Position  Change in position  Name
1         0                   Net-Worm.Win32.Kido.ih
2         0                   Virus.Win32.Sality.aa
3         0                   Trojan-Dropper.Win32.Flystud.ko
4         1                   Trojan.Win32.Autoit.ci
5         8                   Trojan.JS.Agent.xy
6         3                   Exploit.HTML.CodeBaseExec
7         -1                  Trojan-Downloader.Win32.VB.eql
8         -4                  Trojan.Win32.Chifrax.a
9         3                   Virus.Win32.Virut.ce
10        1                   Virus.Win32.Sality.z
11        -3                  Worm.Win32.AutoRun.dui
12        -5                  Packed.Win32.Krap.b
13        -3                  Packed.Win32.Black.a
14        0                   Worm.Win32.Mabezat.b
15        0                   Virus.Win32.Alman.b
16        1                   Packed.Win32.Klone.bj
17        New                 P2P-Worm.Win32.Palevo.ddm
18        New                 Trojan.Win32.Swizzor.a
19        0                   Exploit.JS.Agent.agc
20        0                   Email-Worm.Win32.Brontok.q
Net-Worm.Win32.Kido.ih (Conficker)
Factors that let it prevail
• Pirated copies of Windows
• Windows Autorun
• Weak passwords
• Lack of security policies and best practices
• Lack of end-user education and awareness
Net-Worm.Win32.Kido.ih (Conficker)
Virus.Win32.Sality.aa
Brief characteristics
• Distribution channels
– Web pages (pirated software)
– USB storage media
• How it works
– Infection of legitimate system files
– Infection of user applications
– Use of autorun.inf on removable media for future infections
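
As an added example (not part of the original slides), a small Python check a defender can run against the autorun.inf found on a removable drive: it parses the [autorun] section and reports the entries that make Windows start a program. The sample file contents and file names below are constructed.

```python
import re

# Keys in the [autorun] section that make Windows launch a program from the drive.
LAUNCH_KEYS = ("open", "shellexecute")
# Context-menu verbs of the form shell\<verb>\command also start a program.
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$", re.IGNORECASE)


def launch_entries(text):
    """Return (key, value) pairs in the [autorun] section that start a program."""
    found, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment, often used as padding
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.lower() in LAUNCH_KEYS or SHELL_CMD.match(key):
            found.append((key.lower(), value))
    return found


def audit(text):
    """Classify one autorun.inf: 'launches-program' or 'cosmetic-only'."""
    return "launches-program" if launch_entries(text) else "cosmetic-only"


# Constructed samples (not taken from any real infection).
SAMPLE_LAUNCH = """;padding comment
[AutoRun]
OPEN = setup_copy.exe
shell\\explore\\Command=setup_copy.exe
icon=folder.ico
"""
SAMPLE_LABEL = "[autorun]\nlabel=Backup disk\nicon=disk.ico\n"

if __name__ == "__main__":
    for name, text in (("launch", SAMPLE_LAUNCH), ("label", SAMPLE_LABEL)):
        print(name, audit(text), launch_entries(text))
```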
Virus.Win32.Sality.aa
“Homemade”
• Infections originating from .doc files
• Made in Visual Basic
• The criminal's operating system is in Spanish
Top 5 – Latin America
Top 5 malware in Latin America
Trojan-Downloader.Win32.Banloaders
Classic operating schemes
The role of stolen data
E-mail
Theft of e-mails
Access to Web 2.0 (orkut)
Infection of others
New theft of money
Theft of money
Stolen e-mails
Storage on the Web
Role of Web 2.0
Orkut, Twitter, Facebook …
• Theft through browser cookies
• Keyboard spying programs (keyloggers)
• According to ComScore, as of August 2008 Orkut had 15.5 million registered users.
Role of Web 2.0
Orkut
Web 2.0 Malware

Name of malicious program      Detection time  Update released

16 June 2009
Net-Worm.Win32.Koobface.aal    11:24
Net-Worm.Win32.Koobface.aak    11:24
Net-Worm.Win32.Koobface.aaj    09:46
Net-Worm.Win32.Koobface.aai    08:57
Net-Worm.Win32.Koobface.aag    08:43
Net-Worm.Win32.Koobface.aah    08:43
Net-Worm.Win32.Koobface.aae    08:29
Net-Worm.Win32.Koobface.aaf    08:29
Net-Worm.Win32.Koobface.aad    08:29
Net-Worm.Win32.Koobface.aac    03:07           08:44
Net-Worm.Win32.Koobface.aab    02:46           08:44
Net-Worm.Win32.Koobface.aaa    01:08           08:44

15 June 2009
Net-Worm.Win32.Koobface.zz     23:51           08:44
Net-Worm.Win32.Koobface.zy     22:55           08:44
Net-Worm.Win32.Koobface.zx     22:41           08:44
Net-Worm.Win32.Koobface.zw     22:13           08:44
Net-Worm.Win32.Koobface.zv     21:38           08:44
Net-Worm.Win32.Koobface.zu     20:05           08:44
Net-Worm.Win32.Koobface.zt     17:13           08:44
Net-Worm.Win32.Koobface.zs     15:35           08:44
Net-Worm.Win32.Koobface.zr     15:22           08:44
Net-Worm.Win32.Koobface.zq     15:13           08:44
Net-Worm.Win32.Koobface.zp     12:20           08:43
Net-Worm.Win32.Koobface.zo     12:16           08:43
Net-Worm.Win32.Koobface.zk     11:59           16:11
Net-Worm.Win32.Koobface.zl     11:59           16:11
Net-Worm.Win32.Koobface.zm     11:59           16:11
Net-Worm.Win32.Koobface.zn     11:59           16:11
Net-Worm.Win32.Koobface.zj     11:45           16:11
Net-Worm.Win32.Koobface.zi     11:38           16:11
Thank you very much
Dmitry Bestuzhev
Senior Analyst for Latin America