Viruses & Malware

A new version of the Sober worm was unleashed last night, with the timing chosen to correspond with the founding of the German Nazi party and a major German political conference starting today.

There are no early reports of major problems, but firms have been warned to monitor the situation. A warning about the attack was issued by security software companies at the end of last year, after it was discovered that the previous version of Sober had been programmed to trigger new attacks on the internet.

Another year, another would-be mobile-virus threat. On Jan. 3, BlackBerry maker Research in Motion (RIMM) said its popular handhelds could fall victim to virus attacks due to a software flaw in the company's BlackBerry Enterprise Server, which acts as a link between the devices and corporate applications. Open the wrong file, and wham! Forget about viewing other attachments. Luckily for users of the addictive BlackBerry wireless e-mail service, RIM caught the vulnerability early and came up with a fix, which will become available with the next iteration of its enterprise server.

The next variant of the Sober worm is set to attack computers already infected by previous versions of the malware at the stroke of midnight GMT as Jan. 5 turns into Jan. 6, according to European antivirus software vendors. Given that both Internet service providers and local police are closely monitoring Web sites likely to be used in the attack, security experts believe the hacker may choose not to engage in any malicious activity this time around.

A new Trojan horse is designed to produce forge Google ads that are formatted to look like legitimate ones. The Trojan attempts to incorporate its ads in Google AdSense publishers program. Once installed, the Trojan horse downloads itself onto the computer and replaces the original ads with its own ads.

Microsoft, the world's biggest software company, is being targeted by hackers from a newly found Windows exploit. The potential of a security threat is huge, as F-Secure, an antivirus company, announced.
The Microsoft Windows flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But
the potential for damaging attacks increased dramatically at the weekend after a group of computer hackers published the source code they used to exploit it.

Internet users are being warned about a new virus that poses as a leaked pre-release version of the MSN Messenger instant messenger program.

Anti-virus companies are warning instant messenger users to be wary of joke messages and e-cards as they may contain the Santa Claus worm.

IMLogic, a company that specialises in virus detection in Instant Messenger programs warned last night that the IM.GiftCom.All worm presented itself as a harmless Santa Claus file, apparently sent from someone known to the recipient.

An alleged child porn offender in Germany turned himself in to the police after mistaking an e-mail he received from a computer worm for an official warning that he was under investigation, authorities said on Tuesday.

"It just goes to show that computer worms aren't always destructive," said a spokesman for police in the western city of Paderborn. "Here it helped us to uncover a crime which would otherwise probably have gone undetected."

The number of new virus threats, especially spyware and adware, will continue to rise next year, thus presenting businesses with new concerns about security on the information network.

As a result, businesses will be looking for integrated, centrally controllable solutions rather than home user software, said Sophos managing director Charles Cousins.

He added that next year vendors that provide only antispyware protection will find the market increasingly competitive unless they join forces with a security company that offers solutions that protect systems against viruses.

A Windows-targeted worm that drops spying software on vulnerable PCs is spreading across the Internet, security experts have warned.

The Dasher.B worm exploits a flaw in Microsoft Windows Distributed Transaction Coordinator, or MDTC, security companies said Friday. Microsoft announced and patched the hole in the component for transaction processing in October. However, initial glitches with the update may have left some users without a properly implemented fix, Sophos said.