Difference between revisions of "Win32/Vundo"
Jump to navigation
Jump to search
(Created page with "{{Publication |Botnet=Vundo, |Year=2013 |Date=2013-10-07 |Editor=Microsoft |Link=http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Win32%2fVundo |Au...") |
|||
Line 7: | Line 7: | ||
|Author=Jaime Wong, Jireh Sanico, | |Author=Jaime Wong, Jireh Sanico, | ||
|Type=Threat entry | |Type=Threat entry | ||
|Abstract=Win32/Vundo is a multiple-component family of malware that delivers "out of context" pop-up advertisements. Variants of the family may also download and run other files, including malware and adware. | |||
Vundo is often installed as a browser helper object (BHO) without your consent, by other malware. | |||
This family uses advanced defensive and stealth techniques to escape detection and to hinder removal. | |||
}} | }} |
Latest revision as of 21:22, 31 July 2015
(Publication) Google search: [1]
Win32/Vundo | |
---|---|
Botnet | Vundo |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2013 / 2013-10-07 |
Editor/Conference | Microsoft |
Link | http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Win32%2fVundo (Archive copy) |
Author | Jaime Wong, Jireh Sanico |
Type | Threat entry |
Abstract
“ Win32/Vundo is a multiple-component family of malware that delivers "out of context" pop-up advertisements. Variants of the family may also download and run other files, including malware and adware.
Vundo is often installed as a browser helper object (BHO) without your consent, by other malware.
This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR2106, editor = {Microsoft}, author = {Jaime Wong, Jireh Sanico}, title = {Win32/Vundo}, date = {07}, month = Oct, year = {2013}, howpublished = {\url{http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=Win32%2fVundo}}, }