Old malware rears its ugly head in new attacks: ESET
- 16 February, 2016 16:40
An infamous piece of malware called Bayrob, first discovered in 2007, has begun to show up disproportionately, targeting A/NZ.
IT security company, ESET, has revealed that more than nine per cent of all malware detected in Australia by its security systems in January 2016 was Bayrob.
The matching statistic for New Zealand was more than seven per cent and this made Bayrob the most common form of malware in both countries during the first month of the year.
ESET malware analyst, Diego Perez Magallanes, described Bayrob as a typical botnet malware.
“It is capable of updating itself, downloading files or sending information. This makes it dangerous, since at every moment there is the risk that the infected machine downloads and runs some damaging malware, for example ransomware that encrypts files on the computer,” he added.
Recent Bayrob malware attacks have been focused on several countries, including Spain (22 per cent of total attacks), followed by Austria and Germany (19 per cent and 15 per cent respectively).
The botnet malware is distinctly more active in Australasia in comparison to global activity, with Australia culminating at 9.4 per cent, and New Zealand at 7.67 per cent, compared to 2.73 per cent globally.
ESET senior research fellow, Nick FitzGerald, recommended users to beware of emails from fake accounts to avoid falling victim to the resurgent malware.
“Check carefully who the email is from, and if the email address indicates the email sender is from a different organisation to the one they claim to be representing, do not respond or open anything attached to that email,” he advised.“Bayrob malware is typically distributed as email attachments to download. Watch out for executable files disguised as ZIP files. If run, Bayrob displays a message suggesting to the user the downloaded file is incompatible with the system, while it is actually already releasing a Trojan that aims to steal information from the victim’s computer and possibly download further malware.”