There is a rash of news recently about an old virus, the Clampi virus. It is designed to run and do little until the user logs into an online banking site. It then captures the username and password of the person logging in and sends it off to the malware writers who use the information to withdraw money from the victim’s account.
This is really nothing new.
Viruses and other malware of this type have been around for a long time. Either through programs that do similar things, including capturing keystrokes, to “Phishing” attacks, which are specially crafted e-mails that trick users into visiting websites that look legitimate, but actually are fraudulent copies of the genuine site.
The removal instructions for this virus are the same as for most others, turn off system restore, boot in safe mode, run scans, and clean out the registry of the data the virus inserts. Since most new malware uses dynamic naming, that is the name of the program file for the virus is random, you can’t immediately identify which file it is.
Due to multiple vulnerabilities within Windows itself, it is often too late once the victim has visited the website to protect the computer. It is better if it is blocked before it enters your business network.
NMP has a security product, the NMP Expanse, that will intercept and block viruses, spyware, trojan programs, phishing attacks, spam, and other bad data from ever reaching the inside of your network. Best of all, it can be installed without having to reconfigure your network. It can sit quietly and filter all of the traffic going both in and out of your network.
While you still need software on your desktop to protect your system, it is most effective to block the attacks before they ever reach your computer.
