SCF Advanced Search



  • Total Posts: 38282
  • Total Topics: 12871
  • Online Today: 1341
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)


Author Topic: HBGary Releases Aurora Detection Tool (clean, fix, delete, remove malware)  (Read 2111 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7522
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum

Security vendor HBGary has released a free software tool that can remove "Aurora" malware, linked to corporate espionage at more than 30 companies:

Called the Aurora Inoculation Shot, this utility will remotely scan Windows machines over the network for signs of Aurora and can remove the malicious software as well:
It uses the Windows Management Instrumentation services to carry out the inoculation.

Although Aurora has been linked to attacks on just 34 companies, the software has captured the attention of corporate executives, because some believe that is connected to a widespread industrial espionage campaign originating from China.

Last month, Google admitted that it had been hacked by Aurora software and the company's security team gained access to a command-and-control server that held data linking the attack to other major companies such as Adobe Systems and, according to reports, Symantec, Juniper Networks, Northrop Grumman and Dow Chemical.

Security experts have now identified a dozen other Aurora command-and-control servers that may be collecting data on other companies, but many of those servers are hosted by ISPs that have not cooperated with investigations.

At this point, experts are divided on whether Aurora is important because it represents a widespread campaign, possibly condoned or even sponsored by the Chinese government, or because Google took the unusual step of admitting that it had been hacked.

According to HBGary CEO Greg Hoglund, the Aurora malware is similar to many other programs that have been used by criminals for years now. "The Aurora stuff isn't that complicated," He said. "It smells like any other criminal malware that's out there."

Although Google made the Aurora hack a point of negotiation with the People's Republic of China, "there's no hard evidence anywhere that shows that China's government has anything to do with it," Hoglund said.

Despite all the attention Aurora has received, the problem "hasn't gone away," Hoglund added. "It's still out there and operating."

That's why HBGary has made the inoculation software available. The company has also released a report outlining what is publicly known about the malware. "We're the first ones to release a concise report that brings all the data to one spot," he said:


Samker's Computer Forum -


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising