Dec 3, 2016

Avalanche (crimeware-as-a-service infrastructure)


(US-Cert  12/01)

Systems Affected

Microsoft Windows

Overview

“Avalanche” refers to a large global network hosting infrastructure used by cyber criminals to conduct phishing and malware distribution campaigns and money mule schemes. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI), is releasing this Technical Alert to provide further information about Avalanche.

Solution

Users are advised to take the following actions to remediate malware infections associated with Avalanche:
  • Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. Even though parts of Avalanche are designed to evade detection, security companies are continuously updating their software to counter these advanced threats. Therefore, it is important to keep your anti-virus software up-to-date. If you suspect you may be a victim of an Avalanche malware, update your anti-virus software definitions and run a full-system scan. (See Understanding Anti-Virus Software for more information.)
  • Avoid clicking links in email – Attackers have become very skilled at making phishing emails look legitimate. Users should ensure the link is legitimate by typing the link into a new browser (see Avoiding Social Engineering and Phishing Attacks for more information).
  • Change your passwords – Your original passwords may have been compromised during the infection, so you should change them. (See Choosing and Protecting Passwords for more information.)
  • Keep your operating system and application software up-to-date – Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. You should enable automatic updates of the operating system if this option is available. (See Understanding Patches for more information.)
  • Use anti-malware tools – Using a legitimate program that identifies and removes malware can help eliminate an infection. Users can consider employing a remediation tool. A non-exhaustive list of examples is provided below. The U.S. Government does not endorse or support any particular product or vendor.
          ESET Online Scanner
          https://www.eset.com/us/online-scanner/  
          F-Secure
          https://www.f-secure.com/en/web/home_global/online-scanner
          McAfee Stinger
          http://www.mcafee.com/us/downloads/free-tools/index.aspx
          Microsoft Safety Scanner
          https://www.microsoft.com/security/scanner/en-us/default.aspx
          Norton Power Eraser
          https://norton.com/npe

References


関連:

  無料malwareスキャナー (05/30)

こっちは別件

  Avalanche アプリケーション/セキュリティ負荷試験ツール


No comments: