Stration

Stration (also known as Stratio and Warezov) is a family of computer worms that can affect computers running Microsoft Windows, disabling security features and propagating itself to other computers via e-mail attachments. This family of worms is unusual in that new variants are being produced at an unprecedented rate, estimated to be up to one every 30 minutes at its peak, and downloaded from remote servers by infected machines to speed propagation. This makes detection and removal a particular challenge for anti-virus software vendors, because new signature files for each variant need to be issued to allow their software to detect them.


Details

The first variant of the Stration family was reported in late September 2006. It was quickly discovered that the worm program, as well as propagating itself by sending out copies via e-mail, was downloading new variants from one of a number of remote servers. These variants were generated by a program on those servers under control of the worm's creator(s). Computer security firm F-Secure has worked with ISPs to shut down domains hosting the variants of the worm. In November 2006, the Stration worm was the most widespread malware infection reported, accounting for around one-third of reported infections. The Stration worms employ social engineering to infect the target machine by arriving in an e-mail masquerading as a report from a mail server informing the recipient (in somewhat broken English) that their computer is infected due to an unpatched security flaw in Windows, and offering as an attachment a purported fix, which is in fact the worm program itself. Some later variants of the worm spread via instant messenger and Skype chat alerts containing a URL leading to the worm.

