Next-Generation Virus Streams To Win2K

22 Comments

Russia-based anti-virus vendor Kaspersky Lab has discovered a new
generation Windows 2000 virus that, although not in the wild yet, has
been tagged as extremely dangerous if it gets out.

The first iteration of this new "Stream Companion" generation of virus,
called W2K.Stream, takes advantage of the Windows 2000 NTFS file
system, which allows multiple simultaneous data streams to execute.

Some of the potential streams that could be used for malicious purposes
include independent executable program modules, as well as various
service streams to manipulate file access rights, encryption data,
processing time, and more.

The virus - and others like it - is expected to be difficult to detect as
anti-virus programs only check the main data stream.

"Many anti-virus products will become obsolete, and their vendors will
be forced to urgently redesign their anti-virus engines," says Eugene
Kaspersky, head of anti-virus research at Kaspersky Lab.

"This virus begins a new era in computer virus creation," says
Kaspersky. "The 'Stream Companion' technology the virus uses to plant
itself into files makes its detection and disinfection extremely
difficult to complete."

Hackers "Benny" and "Ratter" created the W2K.Stream virus in the Czech
Republic at the end of August.

The W2K.Stream virus is a Windows application compressed by a Petite
PE EXE file compressor and is about four kilobytes in size. When it runs,
it
infects all EXE files in the current directory and then returns control to
the
host file. While infecting a file, the virus creates a new stream
associated
with the victim file. This stream has "STR" as its name. The virus then
moves the victim file body to the STR stream and then overwrites the
victim file body with its own virus code.

As a result, when an infected file is executed, Windows reads the
default stream and executes it. Windows also reports the same file size
- the virus length - for all infected files.

Kaspersky Lab has added protection against the "Stream" virus to its
daily update of AntiViral Toolkit Pro.

Reported by ITWeb.co.za, http://www.itweb.co.za

22 Comments

22 Responses to Next-Generation Virus Streams To Win2K

Got News? Contact Us

Recent Headlines

Software file converters: How they work and why you need them

Human risk management automation can help beat burnout

Vivaldi 6.7 debuts Memory Saver performance booster, expands Feed Reader capabilities

Best Windows apps this week

Addressing digital transformation needs in the public sector [Q&A]

The psychological impact of phishing attacks on your employees

Canonical releases Ubuntu Linux 24.04 LTS 'Noble Numbat'

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

22 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.