
WORM_VOBFUS.JDN

Posted: May 16, 2014

Threat Metric

Threat Level: 5/10
Infected PCs: 19
First Seen: May 16, 2014
Last Seen: March 6, 2020
OS(es) Affected: Windows


WORM_VOBFUS.JDN is a new member of the Vobfus worm family that has drawn headline attention for its flexible polyglot functions. Although WORM_VOBFUS.JDN uses a standard worm distribution plan that disguises its files as benign ones, it may also rename its files in different languages, install other threats, distribute itself to new PCs or give third parties control over the infected system. As with any worm, removing WORM_VOBFUS.JDN should always involve a good anti-malware solution that can identify multiple copies of WORM_VOBFUS.JDN and delete them all, lest the worm attack your PC again from a 'backup' copy.

The Worm that Speaks in More than One Tongue

The Vobfus family is a prominent, if not necessarily unique, family of worms well known for exploiting a Windows shortcut vulnerability for propagation. New versions of Vobfus variants, such as WORM_VOBFUS.JDN, appear very regularly. Their use of polymorphism, modifying their code to avoid detection, adds further obstacles for anti-malware programs trying to identify them. However, even within its family, malware researchers consider WORM_VOBFUS.JDN a particularly international threat because of its built-in ability to change file names to different languages.

WORM_VOBFUS.JDN, like other Vobfus worms, distributes itself through peripheral devices by creating clones of itself under different file names. Instead of using randomized characters, WORM_VOBFUS.JDN names these clones after intelligible words, including sexually suggestive ones like 'Sexy.exe' as well as generically applicable ones like 'Webcam.exe' or 'Password.exe.' However, unlike its earlier ancestors, WORM_VOBFUS.JDN may adjust these names to be specific to the infected machine's region. Examples of languages that WORM_VOBFUS.JDN is 'fluent' in include Chinese, Vietnamese, Arabic, French, Italian, Spanish and Korean.

Keeping WORM_VOBFUS.JDN from Speaking the Words that Doom Your PC

Once one gets past the linguistic upgrade to its disguise, WORM_VOBFUS.JDN is similar to most other Vobfus worms that malware researchers have encountered. Backdoor vulnerabilities, the ability to execute remote commands, Windows file-viewing modifications and functions for downloading and then launching files are all part of WORM_VOBFUS.JDN's standard arsenal. As general safety precautions after removing a WORM_VOBFUS.JDN infection, malware experts recommend that you double-check any security-essential settings and change passwords.

Some special precautions also apply when containing WORM_VOBFUS.JDN and all other self-distributing PC threats. Peripheral devices with their own storage, such as USB thumb drives, are particularly common targets for worm contamination. Local networks also may be vulnerable to compromise. Blocking these avenues of contamination allows you to limit the damage that WORM_VOBFUS.JDN may do before you delete all copies of it permanently. WORM_VOBFUS.JDN's use of suggestive file names is also another reminder of the surprisingly extensive dangers that may come with launching executable files that you are not sure are safe.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

File name: I love you.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

File name: Password.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

File name: Naked.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

File name: Webcam.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

File name: Sexy.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
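
A triage check for a removable drive's root folder, built on the file names listed above. This is an added example, not code from the original page or from any anti-malware product. Because the localized names are not listed here, it also flags any file whose content is byte-identical to a lure-named file; the function names and sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

# File names this page lists as created by the worm. The page says names may
# be localized; those variants are not listed, hence the content match below.
LURE_NAMES = {"i love you.exe", "password.exe", "naked.exe",
              "webcam.exe", "sexy.exe"}

def sha256_of(path):
    """Hash a file in chunks so large files are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def scan_root(root):
    """Return {file name: reason} for suspicious files directly under root."""
    hashes = {}
    for entry in os.scandir(root):
        if entry.is_file(follow_symlinks=False):
            try:
                hashes[entry.name] = sha256_of(entry.path)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
    findings = {n: "lure-name" for n in hashes if n.lower() in LURE_NAMES}
    lure_hashes = {hashes[n] for n in findings}
    for name, digest in hashes.items():
        if name not in findings and digest in lure_hashes:
            findings[name] = "same-content-as-lure"
    return findings

def demo():
    """Run the scan over a constructed directory standing in for a USB root."""
    samples = {  # constructed sample files, harmless placeholder bytes
        "Sexy.exe": b"constructed-payload-A",
        "PASSWORD.EXE": b"constructed-payload-A",
        "constructed_renamed_copy.exe": b"constructed-payload-A",
        "setup.exe": b"constructed-payload-B",
        "notes.txt": b"plain text",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(data)
        return scan_root(root)

if __name__ == "__main__":
    print(demo())
```

The content match only catches exact duplicates; copies altered by the polymorphism described above will have different hashes, so a clean result here does not replace a full anti-malware scan.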