A new virus has been found to be “spreading widely” in the Indian cyberspace. The said virus is a suspected variant of malware family called ‘Win32/Ramnit’ and steals bank account details and passwords of the user once it is clicked.
Ramnit worm spreads by infecting or modifying files existing on target systems such as (EXE, dll or html) and creating a new section so as to modify the entry point to that section.
The malware steals credentials like file transfer protocol passwords, bank account logins, infects removable media, changes browser settings and downloads and executes arbitrary files.
The virus so is extremely deadly and potent because of two facts:
- It has ability to hide itself from anti-virus solutions and acquires various aliases to attack a genuine system or Internet-based connection which works to play emails and other user services.
- It infects the removable media by copying itself to its recycle bin and creates an autorun.inf file.
Once the system is infected, the malware injects its code into windows executable html files or dlls to communicate with its command and control server, thereby compromising the security of the online system.
Counter Measures in this regard:
- Users should not download and open attachments in emails received from untrusted users or unexpectedly received from trusted users.
- One should exercise caution while visiting links to web pages and not visit untrusted websites.
- Enable firewall at desktop and gateway level and disable ports that are not required.
- Avoid downloading pirated software.
- Keep up-to-date patches and fixes on the operating system and application softwares.
- Keep up-to-date anti- virus and anti-spyware signatures at desktop and at gateway level.
If any person, without permission of the owner or any other person who is in charge of a computer, computer system of computer network, downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network, he is guilty under Section 43(b) of the amended Information Technology Act, 2000.
Spreading of virus is a cognizable crime under the section 43(c), which imposes compensation for unauthorized introduction of computer contaminants or computer virus. Since section 43 does talk on the exact amount of compensation, one remains on mercy of Courts and intelligence of lawyers, because data being intangible asset, the worth can run into millions or trillions of denominations.
Spreading of virus is also a cognizable crime under section 66 of The IT Act, 2000 in India. It attracts up to 3 Years of imprisonment or up to Rs. 5 Lakhs of fine or both.