Password-stealing ‘dorkbot’ prowling in Indian cyberspace : The Tribune India


NEW DELHI: Cyber security sleuths have alerted Indian internet users to the malicious activity of an online virus called ‘dorkbot’, which propagates itself through social networking sites and steals a user's sensitive personal data and passwords.


The malware, a variant of online virus and worm, has specifically been seen affecting systems running Windows in the recent past.

“It has been observed that the variants of malware named as 'dorkbot' targeting Windows operating systems, are spreading.

“The malware belongs to the family of worms having backdoor functionality and spreads through various vectors, including drive-by-download attacks, social networking sites and compromised websites with browser exploits via removable drives in the form of auto-run exploits or by means of malicious links in instant messaging chats or internet relay chats,” the latest advisory issued by the Computer Emergency Response Team of India (CERT-In) said.

The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian internet domain.

The deadly virus, with almost a dozen aliases, is capable of stealing sensitive information from an infected machine, including stored passwords, browser data and cookies, and has a smart and lethal potential to take complete control of the affected system, it said.

The cyber security agency said the malware can hide itself by over-writing, can collect system information such as OS (operating system) information, user privileges and apps installed on the system, and can aid an attacker's remote access to the infected machine.

It damages and infects a system by assuming fake identities of Facebook, Skype or any other social media platform, and lowers the system's immunity against a potential virus attack.

"To hide itself from detection by anti-virus solutions, the malware injects its code into files like cmd.exe, ipconfig.exe, regedit.exe, regsvr32.exe, rundll32.exe, verclsid.exe and explorer.exe," the advisory said.

The agency has suggested some counter-measures for users to deploy and guard against 'dorkbot'.

“Delete the system changes made by the malware such as files created, registry entries and services, etc, set internet and local intranet security zone settings to 'high' to block ActiveX controls and active scripting, scan infected system with updated versions of anti-virus solution, limit or eliminate the use of shared or group accounts and do not visit untrusted websites,” it said.

It said attachments should also not be downloaded or opened in emails received from untrusted sources or unexpectedly received from trusted users. There should be enforcement of a strong password policy and implementation of regular password changes.

"Enable a personal firewall on workstation and configure email server to block or remove email that contains file attachments that are commonly used to spread threats, such as .vbs, .bat, .exe, .pif and .scr files," it added. — PTI

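The attachment-blocking advice quoted above can be sketched as a mail-filter check. This is an added example, not code from CERT-In or from the article; the function names and the sample message are constructed for illustration, and only the five extensions come from the advisory.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named in the advisory quoted above.
BLOCKED_EXTENSIONS = {".vbs", ".bat", ".exe", ".pif", ".scr"}


def is_blocked(filename: str) -> bool:
    """True if the final extension of the attachment name is on the block list."""
    # Windows ignores trailing dots and spaces, so "setup.exe. " opens as .exe.
    name = filename.strip().rstrip(". ").lower()
    dot = name.rfind(".")
    # Only the last extension decides how the file opens, which is why a
    # decoy double extension such as "photo.jpg.scr" must still match.
    return dot != -1 and name[dot:] in BLOCKED_EXTENSIONS


def blocked_attachments(raw_message: bytes) -> list[str]:
    """Return the filenames of every MIME part a filter should strip or reject."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into nested multiparts
        filename = part.get_filename()
        if filename and is_blocked(filename):
            hits.append(filename)
    return hits


def build_sample() -> bytes:
    """Constructed test message: one disguised executable, two benign files."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for name in ("photo.jpg.SCR", "report.pdf", "notes.txt"):
        msg.add_attachment(b"sample bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    print(blocked_attachments(build_sample()))
```

A filter that matches on names alone misses renamed or archived executables, so it complements rather than replaces the anti-virus scanning the advisory also recommends.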