Disttrack malware overwrites files, infects MBR

From Botnets.fr
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

Disttrack malware overwrites files, infects MBR
Botnet DistTrack
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 2012-08-17
Editor/Conference Trend Micro
Link http://blog.trendmicro.com/disttrack-malware-overwrites-files-infects-mbr (Archive copy)
Author Cris Pantanilla
Type Blogpost

Abstract

Reports of Disttrack/Shamoon malware, which overwrites files and infects the Master Boot Record (MBR) of infected systems, have recently surfaced. Trend Micro detects the said WORM_DISTTRACK.A. Currently, its arrival method is still undetermined. It is found to spread to other computers by dropping copies of itself in administrative shares. Its dropped copy may use file names such as clean.exe or dvdquery.exe.

Bibtex

 @misc{Pantanilla2012BFR1108,
   editor = {Trend Micro},
   author = {Cris Pantanilla},
   title = {Disttrack malware overwrites files, infects MBR},
   date = {17},
   month = Aug,
   year = {2012},
   howpublished = {\url{http://blog.trendmicro.com/disttrack-malware-overwrites-files-infects-mbr}},
 }