[Attention] Ddos Attacks through the virus Ramnit.A

[Raptursh]

In those days , i discovered something , which is a virus spread in almost every machine of a server . its called (Ramnit.A) .
What is a Ramnit.A ?

 Spoiler

Virus:Win32/Ramnit.A is a detection for a virus that infects Windows executable files and HTML files, and spreads to removable drives. The virus attempts to open a backdoor and wait for instructions.

When executed, the virus drops a file as "<file_name>Srv.exe" (for example, "mytestSvr.exe"), where <file_name> is the file name of the infected executable. The dropped file is then executed.

This file may be detected as Worm:Win32/Ramnit.A.
Spreads via…

Thats how an attacker can shutdown servers easily , if u scan the vsro files or those new programs that are released , u can see there is a Ramnit virus in it , the biggest example of such programs is Srpatcher made by Cherno .
So please all scan your files to prevent these attacks , i recommend to use Avira (avira.com) , there is a version of it for windows server too . so please take care .

[Zodiao]

why DDoS attacks as a title?

[Raptursh]

mm , because it causes ddos attacks i guess ?

[Zodiao]

Virus causes DDoS attacks,that's new, and where's the text at the thread that says it causes DDOSes?

[Raptursh]

google what is a Ramnit and u'll see . dont come to comment while u dont know what a virus will do

and no , i didnt say that the virus itself attacks , the virus is used as a backdoor to infect other machines and are standby waiting for an order from the attacker .

[Zodiao]

define the meaning of :

Quote:

mm , because it causes ddos attacks i guess ?

or

Quote:

its one of the reasons for DDoS attacks

please...

[JuliaRocks*]

*******,I had this kind of sh*t xD

[GroundRave]

thanks alot Ahmad , That virus is added to Vsrofiles and his Patchs by Chernobyl , he use every machine as Bot-net to hack other machines =)

[Legacy2]

yea that **** tried to infect my home pc too. He use the local port 1434. My kaspersky blocked it. 5 different IPs attacked me.

srPatcher_1.0.6 didnt had any virus in it. My kaspersky reported nothing about it.

ups sry wrong virus

my network attack had the name > Win.MSSQL.Worm.Helkern

[Failwell]

I can confirm this. And i guess it was done by the hackers which where leeching the files - or the one who postet the files after the first release. They put the backdoor in it - to get access to the servers.

With this backddor they create a bot-net. And with this bot-net they can start ddos attacks. Also there is another worm which installs a little later - we found that drop.agent.ab installs a short while after ramnit. On some installations it took a few weeks. Seems like the ramnit - security hole is used for that.

drop.agent infects html, htm and some other files with a web-browser script.
This Script tries to infect desktop-machines. Especially Microsoft Windows ones.
DropAgent is destructive - it can delete files..

[M4n1ak]

Cuz, right, my ESET NOD32 rescued my pc from this xd



Some time ago...

[PortalDark]

well, i have lots of files infected by this, a no network change
there are virus that cause a connection to a botnet, but a virus that DDOS is really hard to believe
btw, chernos patcher was once INFECTED. he lost his account and the hacker start spreading his work infected. that may by the cause as mine, was scanned already and

Quote:

Quote:

Originally Posted by Failwell

Especially Microsoft Windows ones.

sorry to point that out but, is there a potential virus for any other OS?(MacOS has virus, but i assume they have less that WinOS)

[Shane¸]

that's why I use newest official br files lol!

[Veteran1337]

Quote:

Originally Posted by ~ Shane

that's why I use newest official br files lol!

vsro files aren't infected atleast those I got

[PortalDark]

Quote:

Originally Posted by ~ Shane

that's why I use newest official br files lol!

that's why i have vSRO-3-R
i can tell yours are **** compared to that