KBOT virus takes out system files with no hope of recovery

It has been over a decade since the famous ILOVEYOU virus was let loose on the world. MyDoom was considered an email menace back in the day, and the Slammer virus is remembered for crashing Bank of America's ATM service.

Computer viruses and worms were once common but have now given way to more sophisticated and varied threats, including illicit cryptocurrency miners, Trojans, ransomware, and highly complex surveillance software designed to infiltrate mobile devices. 


However, sometimes there is a blast from the past -- as in the recent case of KBOT, a new virus making the rounds. 


The new malware was spotted by Kaspersky researchers. In a blog post on Monday, Kaspersky's Anna Malina said KBOT, a virus that spreads by injecting malicious code into Windows executable files, is the "first 'living' virus in recent years that we have spotted in the wild."






KBOT is able to spread through Internet-facing systems, local networks, and removable drives. Once a system is infected, the malware writes itself to Startup and the Task Scheduler, infecting all .exe files on logical drives and shared network folders in its path. 
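Because this kind of infection rewrites existing .exe files in place, one signature-independent way to spot it is to compare executables against a known-good hash baseline. The sketch below is an added example, not code from the article or from Kaspersky's analysis; the function names and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def snapshot(root):
    """Map relative path -> (size, sha256) for every .exe under root."""
    root, found = Path(root), {}
    for p in root.rglob("*"):
        if p.suffix.lower() != ".exe" or not p.is_file():
            continue
        try:
            entry = (p.stat().st_size, sha256_file(p))
        except OSError:
            entry = None  # locked or unreadable: reported, not skipped
        found[str(p.relative_to(root))] = entry
    return found

def compare(baseline, current):
    """Classify current .exe files against a known-good baseline."""
    report = {"modified": [], "added": [], "removed": [], "unreadable": []}
    for rel, now in current.items():
        base = baseline.get(rel)
        if now is None:
            report["unreadable"].append(rel)
        elif base is None:
            report["added"].append(rel)  # no trusted record to compare with
        elif base != now:
            report["modified"].append((rel, now[0] - base[0]))  # size delta, bytes
    report["removed"] = [rel for rel in baseline if rel not in current]
    return {kind: sorted(items) for kind, items in report.items()}

def demo():
    """Constructed sample tree; the files are placeholder bytes, not real PEs."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "tools").mkdir()
        (root / "app.exe").write_bytes(b"MZ" + bytes(62))
        (root / "tools" / "setup.EXE").write_bytes(b"MZ" + bytes(62))
        baseline = snapshot(root)  # taken while the tree is known to be clean
        (root / "app.exe").write_bytes(b"MZ" + bytes(62) + b"\xcc" * 16)  # bytes added
        (root / "new.exe").write_bytes(b"MZ")  # executable that was not in the baseline
        return compare(baseline, snapshot(root))
```

The baseline only has value if it is captured from a clean system and stored somewhere the monitored host cannot write to.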


While scanning drives, the virus will add polymorphic code to .exe files and override functions of the IWbemObjectSink interface, a feature of Win32 apps. KBOT will also listen to connection events between logical drives and will use the API functions NetServerEnum and NetShareEnum to retrieve paths to other ..
