Often, software flaws or weaknesses get the lion's share of the blame when malware infects and spreads throughout a network. But, that's not the whole story.
While cyber criminals prey upon vulnerabilities in software programs, many exploit the "natural" structure of Windows networks to compromise and steal data, such as those who use the Coreflood Trojan botnet.
Cyber criminals use infected websites to spread the malware; once infected, the malware lurks in an inactive state until a system administrator logs in.
After logging in, Coreflood uses a legitimate Windows program (psexec), or a custom program that has the same capabilities, and roams the network looking for new victims.
Home network users aren't immune, but Coreflood mostly targets large organizational networks. According to US-CERT, organizations can diagnose possible infections by using these indicators:
Download US-CERT's detailed, to-the-point recommendations for minimizing or preventing Coreflood infections, including tactical and strategic mitigations, available on IT Business Edge.