Microsoft warns of increased rootkit infections

By Stuart Sumner
10 Dec 2012 View Comments
malware virus security threat

Microsoft has warned that a piece of malware known as "Necurs" is on the rise, with variants reported on 83,427 machines in November.

The malware is usually distributed by drive-by download, meaning simply visiting an infected website is enough to transfer the malware to the user's machine.

Further reading

Microsoft said that Necurs enables additional malware to be downloaded on an infected machine, while hiding itself from the user and security software, and indeed preventing many security functions from working properly.

"In addition, Necurs contains backdoor functionality, allowing remote access and control of the infected computer," wrote Microsoft in its security blog.

"Necurs also monitors and filters network activity and has been observed to send spam and install rogue security software. Nefariousness aplenty."

The firm added that it has had "reports from a number of users stating that they're having trouble with the Microsoft Security Essentials real-time protection option being turned off after their computer has rebooted."

It is recommended that firms follow security best practice to minimise the risk of malware infection, including ensuring that all endpoints and servers are up to date with the latest patches, and that users are educated to avoid potentially infected sites, and to warn the IT department should they suspect that their system is carrying malware.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 9 - what do you want?

What would your business require from Windows 9 "Threshold" to make it an attractive proposition?

32 %
4 %
8 %
7 %
49 %