Are VBS worms still a significant problem on the Internet? Are there configuration changes that can be made in...
Windows to thwart them?
The Visual Basic script (VBS) worms of the early 2000s have largely passed into history. Cybercrime today is more profit-motivated than malware such as the ILOVEYOU virus from 2000, which essentially just deleted .jpg and MP3 files from a user's hard drive. One of the other effects of this virus was that when opened it resent the message to everyone in the recipient's address book and, in turn, many email systems were overloaded with malicious email and had to be disconnected from the Internet. These attacks were reportedly created to steal login usernames and passwords to be used for Internet access.
There was most likely very little money made by the criminal(s) from the VBS worms from the 2000s, except by consulting companies that were called in to eradicate the worms. The viruses resulted in a significant amount of attention spent on investigating the malware and catching the author(s). The current attack that could be considered closest to the VBS malware of the 2000s is a distributed denial-of-service attack that uses botnets of a large number of compromised systems to overwhelm the network of a system.
Fortunately, email security systems have advanced significantly since the VBS malware of the 2000s. Host-based security has also improved; typically, VBS and other scripting functions are not enabled by default to execute from an email. VBS via wscript.exe is still supported on Windows 8, but Microsoft is encouraging the use of PowerShell for scripts, which requires signed scripts for the script to execute, which can help prevent most malware using malicious scripts.
Ask the Expert!
SearchSecurity expert Nick Lewis is ready to answer your enterprise threat questions -- submit them now! (All questions are anonymous.)
Dig Deeper on Malware, Viruses, Trojans and Spyware
Related Q&A from Nick Lewis
The new Trochilus RAT can avoid detection in cyberespionage attacks. Expert Nick Lewis explains how it works, and if enterprises need to adapt their ...continue reading
The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching ...continue reading
BlackEnergy malware may have been part of the attacks on Ukrainian utility and media companies. Expert Nick Lewis explains how this malware works and...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.