March Malware Advisory: Thirtyseven4 Cautions Computer Users of the On-going Evolution of Internet Worm Vobfus

Share Article

Worm.Vobfus chameleon capabilities make effective detection problematic, additional preventive measures required. Thirtyseven4 Antivirus offers proactive defenses.

Thirtyseven4, LLC, a leading provider of antivirus and security solutions, today cautions Internet users to remain vigilant of Worm.Vobfus (Vobfus), a family of worms known for polymorphic capabilities and aggressive propagation routines that have allowed them to gain prominence over time.

Vobfus variants spread by dropping copies of itself onto all removable drives and mapped network drives connected to the infected system. The worm exploits the Windows Autorun feature to allow for auto-execution. And while the presences of explicitly named executable files are a sign of infection, the original source of infection can be hard to trace.

“A big concern for network administrators is that unlike most worms and viruses, there is no definitive source of infection for the Vobfus family. The worm could have originally been installed by visiting a compromised website, spread throughout the network via a connected removable or mapped network drive, downloaded by other malware present on the system and we’ve even had reports of this worm getting spread through social networking sites,” said Steven Sundermeier, Owner of Thirtyseven4.

Nearly 39% of virus-related inquiries submitted by thirtyseven4.com visitors or received via phone over the last three months to the Thirtyseven4 Antivirus Research Team involved Vobfus.

Thirtyseven4 suggests the following preventive measures to reduce the risks posed by the Vobfus family:

1.    Disable the Autorun functionality

2.    Keep operating system and installed software patched and updated against known vulnerabilities and exploits

3.    Limit access to Shared folders and removable drives

4.    Be diligent when opening e-mail attachments

5.    Be aware of phishing schemes, and avoid clicking on links within emails, instant messages or on social networking sites

6.    Install strong antivirus software, making sure it remains up-to-date and scanned at regular intervals

Thirtyseven4’s flagship solution, Thirtyseven4 Antivirus is routinely updated against the latest Vobfus variants and also incorporates advanced generic detection routines and cutting-edge modules (ie. Autorun Protection, Browser Protection, etc) that offer proactive defenses against future mutations.

A complete technical write-up on Vobfus is available at: http://thirtyseven4.com/worm_vobfus.html

Evaluation licenses of Thirtyseven4 Antivirus are available at: http://thirtyseven4.com/downloads.html. For more information contact Thirtyseven4 at 877-374-7581.    

About Thirtyseven4:
Born out of a desire to better connect antivirus protection solutions with premium customer support and service, Thirtyseven4, LLC seeks to protect schools, businesses, governmental agencies and home-users with the best antivirus products available. Thirtyseven4 is an American company built on honesty, trust and value for the customer.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Steven Sundermeier
Follow us on
Visit website