| 词条 | LizaMoon |
| 释义 |
OverviewInitial press statements{{which|date=November 2011}} reported the infection of hundreds of thousands or of millions of sites were infected. McAfee estimated approximately 1.5 million hosts affected between March and April 2011. However, subsequent research has shown a much lower infection rate. Although initial estimates for the infection based on Google search data were thought{{by whom|date=November 2011}} to show hundreds of thousands of infected sites, the true number appears to only be in the thousands: according to Niels Provos, a security researcher at Google, Google's safe browsing database indicates the LizaMoon attacks began around September 2010 and peaked in October 2010, with approximately 5600 infected sites.[3] Cisco researcher Mary Landesman has confirmed that the infection rate appears quite low.[4] How the web sites spreading the infection were attacked remains a mystery. However, hackers may inject vulnerable and popular websites with malicious code in order to spread the infection once users visit these sites. Users should never permit installs of software of unknown provenance from the Internet under any circumstances – those that follow this policy cannot be infected by LizaMoon. These types of malware, known as rogue antivirus software, come under different names and logos such as "XP Security 2011", "Malware Scanner" or similar. After the initial installation, the software runs a fake scan showing non-existing malware on the system and in many cases requires the user to pay in order to remove the alleged malware. EffectsAs with all malware, LizaMoon is easier for a user to deal with by avoiding it rather than by attempting to repair the damage it causes after the fact. Fortunately, LizaMoon is easy for most users to avoid. The software requires the user to actively participate in downloading and installing itself. Indeed, to become infected, a user must give permission to the software four times. LizaMoon asks the user to install a piece of rogue antivirus software to remove various non-existent "viruses" from the PC. The rogue AV software that is installed is called Windows Stability Center. As of April 1, the file that is downloaded is currently detected by only 13 of 43 anti-virus engines according to VirusTotal.[5] See also{{portal|Computer Science}} References1. ^{{cite web|url=http://money.cnn.com/2011/04/01/technology/lizamoon/index.htm|title=LizaMoon attack infects millions of websites|author=Stacy Cowley|date=2011-04-01|accessdate=2011-04-01|work=CNN Money}} 2. ^{{cite web|url=https://www.reuters.com/article/2011/04/01/hackers-idUSN0116927520110401|work=Reuters|date=2011-04-01|accessdate=2011-04-01|title=Malicious Web attack hits a million site addresses|author=Reuters}} 3. ^{{cite web|last=Provos|first=Niels|title=Lizamoon SQL Injection Campaign Compared|url=http://www.provos.org/index.php?/archives/92-Lizamoon-SQL-Injection-Campaign-Compared.html|accessdate=7 April 2011}} 4. ^{{cite web|last=Landesman|first=Mary|title=Lizamoon – Much Ado About Very Little|url= http://blogs.cisco.com/security/lizamoon-much-ado-about-very-little/ |accessdate=7 April 2011}} 5. ^{{cite web|last=Langa|first=Fred|title=LizaMoon infection: a blow-by-blow account|url=http://windowssecrets.com/comp/110407/#story1|accessdate=7 April 2011}} Additional sources
1 : Scareware |
| 随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。