Are VBS worms still a significant problem on the Internet? Are there configuration changes that can be made in
Windows to thwart them?
The Visual Basic script (VBS) worms of the early 2000s have largely passed into history. Cybercrime today is more profit-motivated than malware such as the ILOVEYOU virus from 2000, which essentially just deleted .jpg and MP3 files from a user's hard drive. One of the other effects of this virus was that when opened it resent the message to everyone in the recipient's address book and, in turn, many email systems were overloaded with malicious email and had to be disconnected from the Internet. These attacks were reportedly created to steal login usernames and passwords to be used for Internet access.
There was most likely very little money made by the criminal(s) from the VBS worms from the 2000s, except by consulting companies that were called in to eradicate the worms. The viruses resulted in a significant amount of attention spent on investigating the malware and catching the author(s). The current attack that could be considered closest to the VBS malware of the 2000s is a distributed denial-of-service attack that uses botnets of a large number of compromised systems to overwhelm the network of a system.
Fortunately, email security systems have advanced significantly since the VBS malware of the 2000s. Host-based security has also improved; typically, VBS and other scripting functions are not enabled by default to execute from an email. VBS via wscript.exe is still supported on Windows 8, but Microsoft is encouraging the use of PowerShell for scripts, which requires signed scripts for the script to execute, which can help prevent most malware using malicious scripts.
Ask the Expert!
SearchSecurity expert Nick Lewis is ready to answer your enterprise threat questions -- submit them now! (All questions are anonymous.)
Dig deeper on Malware, Viruses, Trojans and Spyware
Related Q&A from Nick Lewis, Enterprise Threats
Researchers reportedly succeeded in extracting decryption keys using sound-based attacks. Is this a threat enterprises should worry about?continue reading
The amount of malware using peer-to-peer communications has increased dramatically. Enterprise threats expert Nick Lewis explains how to detect P2P ...continue reading
Cloaked malware, like DGA.Changer, can reportedly evade sandbox detection. Nick Lewis explains how to handle the risk.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.