alert! The incaseformat worm hits and will break out on the 23rd!

Others 2021-01-26 20:07:37 views: null

  Recently, a worm called incaseformat broke out in China. After the worm is executed, it will self-replicate to the Windows directory of the system disk and create a registry to start automatically. Once the user restarts the host, the virus matrix will be executed from the Windows directory. The process will traverse all disk files except the system disk and delete them, causing irreparable losses to the user!

  At present, users in different industries have been found to be infected in many regions of the country, and the spread of the virus has not been clearly targeted.

  Incaseformat virus origin

  iincaseformat is a virus that has been discovered before 2014. The virus caused an error in the value of the IMSecsPerDay variable, which eventually caused the DecodeDate to calculate and convert the current system time incorrectly. Due to the above reasons, this sample is an old virus and will not trigger the code logic to delete user files until January 13, 2021.

  How does it spread?

  The main way for the virus to spread is U disk, Windows sharing, email, etc. It is not enough to install anti-virus software on the computer to deal with the virus. Incaseformat is more "smart" than common worms, and it will pretend to be a folder icon , And has the logic to delete files regularly. Even, it can put itself into the trust zone of anti-virus software, and successfully escape the interception of anti-virus software. Once the set time is met, it will start to hide other disk files outside the C drive and generate the exe file corresponding to the folder icon. Many files have been compromised by viruses.

  The incaseformat worm has super spreading ability. Once it controls a computer, it will be used as a host, and it will continue to replicate itself to infect other computers, making the number of poisonings multiplying! Because it can pretend to be other files, it can escape security software Schools, print shops, and companies are all hardest hit by worms!

       Don't panic! Inspur Cloud escorts you. Inspur Cloud has rich experience in virus processing and overall end-to-end security backup solutions, providing users with professional response and defense solutions.

 

Guess you like

Origin blog.csdn.net/inspur_cloud/article/details/112846660
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com