Researchers Uncover Polymorphic AutoRun Worm

W32/Autorun.worm.aaeb-h is an evolved, virtual machine-aware AutoRun worm that makes use of  obfuscation and polymorphic techniques in order to evade detection and infect removable media and mounted network shares, according to McAfee.Researchers have seen an increase in samples for the year-old malware family, which is compiled in Visual Basic 6.

Zeus Now Using Autorun As Infection Numbers Rise

After tapering off, the Zeus Trojan has been staging a comeback over the last few months, possibly using a new infection routine that leverages Windows’ autorun feature even after a company update to limit infections that use it, according to research by Microsoft.

In direct response to Conficker and an increased wave of malware attacks targeting the Windows AutoRun feature, Microsoft today announced significant changes to the way the operating system operates when USB drives are used.

The changes, detailed on Redmond’s Security Research & Defense blog, have been built into Windows 7 will be back-ported to Windows Vista and Windows XP in the near future. Read the full story []  Also see the Microsoft SR&D blog []

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.