Trojan and Sality ‘predominant’ threats to SL cyberspace : ESET
View(s):A January 2014 Threat Radar Report by international antivirus (AV) firm ESET has signalled that this country is being affected by “two predominant viruses [continuing] to infest Sri Lanka’s cyberspace”. Highlighted in a statement issued by ESET’s sole agent in Sri Lanka, DCS International, it also additionally emerged that “[one] is the proverbial Trojan aptly named after the legendary Greek horse that brought down the impregnable Troy and the other Sality, which has wreaked its own havoc on local cyberspace”.
Elaborating further, the statement also noted; “Trojan is not new; it has been there and done its disruptive rounds for a while now. According to a sample survey carried out by ESET amongst users of their virus guard, it came to light that the Trojan virus (JS/TrojanDownloader.iframe.NKE) which can infect everything from files to the Operating System of a machine, stands at an infection rate of 7.00 per cent occupying top position of its kind. First detected in 2011, the nature of this deadly virus is that it redirects the browser to a specific URL location with malicious software, giving hackers all the information they want to create maximum damage”.
It also added; “The Sality virus, on the other hand, is said to be the classification for an entire family of malicious software (malware), which infects files on the Microsoft Windows system. ESET’s local threat report says that this virus has recorded an infection rate of 3.41 per cent (Win 32/ Sality and Win 32/Sality.NBA) and is considered an active virus in Sri Lanka”. Quoted in the statement, DCS International’s Director Shihan Annon made the following comments about the Sality virus; ““This is a virus that has seen so much spread in Sri Lanka… When it infests the system, the virus communicates from peer-to–peer, to generate spam. With a capacity to distribute the computing tasks across the network, the virus acts as a proxy and infiltrates your sensitive data in an attempt to compromise the web server… Since 2010, Sality was seen to have a root-kit function, remaining stealthy, thereby making its detection extremely hard. A sound virus that spreads rapidly, Sality is hard to remove. Whoever who sends this virus can take full control of your computer”.
Further, the statement also opined that, “from a user’s perspective, Sality can be considered a very destructive form of virus, even in comparison with other viruses… Sality has become a serious problem as it can bring the work of an entire organisation to a standstill in the event of a bug invasion”.
Additionally, Mr. Annon was quoted as explaining that “it can infiltrate a machine during a simple task such as the process of opening an email attachment, downloading information from the internet or transforming data from an USB device to one’s computer… Computer viruses, also referred to as ‘malicious code’ perform harmful tasks such as collecting information about individual users without their knowledge or even attempt to use the infected computer as an operational base to attack another computer or website”. (JH)