Monitoring and analyzing the virus variants, Bkav found out that hackers control Ramnit botnet by using IRC protocol via many servers located in USA, Russia, Germany and China.
Bkav experts also discovered hackers have created Ramnit botnet by spreading viruses through all the ways such as via USB, software vulnerabilities, emails with viruses as attachments, links sent through instant message programs, etc. Ramnit virus also disguises as popular softwares like Macromedia Flash Player, Adobe Acrobat Reader, Windows Update, etc. to deceive users. Therefore, they can easily infect a large number of computers in a short time.
Illustration of Ramnit virus spreading
Upon infecting and taking control of the computers, Ramnit virus will steal data on victim computers, from passwords of FTP applications to cookies of FireFox, Chrome, Internet Explorer. With the information obtained, hackers can control email accounts, bank accounts, etc. of victims. Simultaneously, the virus opens a backdoor on victim computer, allowing hackers to steal any data file on the computer. It is dangerous that Ramnit virus runs silently on computers. Thus, it is hard for users to detect whether or when their computers are infected with the virus.
Mr. Vu Ngoc Son, Director of Bkav Research and Development (Bkav R&D) recommends: "So far, we haven't seen such a methodically organized virus as this one. They can spread through all the ways to maximize their infections on their targets. To prevent the virus, computer users need to obey the following principals: do not open USB by double-clicking the drive, update software vulnerability patches and absolutely do not open attachments and links from unknown sources. Besides raising their awareness, users need to install antivirus software which is strong enough to completely protect their computers".
Bkav has updated this virus definition into its both free and commercial antivirus versions so users can use Bkav antivirus software to check whether their computers have been infected with Ramnit virus.
Bkav