Botnet

Virut

First seen: 2006 • Status: inactive

Currently Inactive

Virut was a shape-shifting virus that infected program files and web pages, building an army of zombie computers.

Overview

Virut is a polymorphic file infector that creates botnets for spam distribution and DDoS attacks. It infects EXE and HTML files and was notoriously difficult to remove.

Also Known As

Virtob, Virus.Win32.Virut

How It Spreads

  • File infection
  • HTML infection
  • Network shares
  • Infected software downloads

What It Does

  • File infection
  • Botnet creation
  • Spam distribution
  • DDoS attacks
  • Backdoor access

Is your business exposed?

Target Platforms

Windows

Detection Tips

  • Scan all executables for infection
  • Check HTML files for malicious scripts
  • Monitor for C2 communication
  • Review network for bot activity

MITRE ATT&CK Techniques

T1091, T1027, T1499, T1071

If You're Infected

  1. 1.

    Use specialized Virut removal tools

  2. 2.

    Consider system reinstallation for severe infections

  3. 3.

    Restore files from known-clean backups

  4. 4.

    Scan all removable media

Related Malware

Sality, Ramnit

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices