Viruses & Malware

Over 120,000 emails containing a downloader Trojan named Small.bdq have been sent to a highly targeted group of UK businesses since 9.10pm on 15 July, security experts warned today.

According to email security company BlackSpider Technologies, the Trojan is distinguished by its targeting specific companies across Europe during 10-minute periods, probably using spammers' directory lists.

The targeted businesses vary in size and industry sector, and the attack is continuing into Monday morning. BlackSpider reported on a similar attack on 8 July.

Email security firm MessageLabs has blocked more than a thousand copies of an email worm called Breatel-A (AKA Reatle or Lebreat) which attempts to launch a denial of service attack on security vendor Symantec and opens up a backdoor on infected PCs. The virus is being sent with multiple attachment types, including many .cpl files (Windows Control Panel Files) that may not automatically be blocked by some content filters and firewalls as they are not widely used by virus writers.

Paying bounties to track down and prosecute writers of computer worms no longer works, according to security experts at Symantec.

Microsoft has stated, however, that it expects to continue the reward programme that helped to convict Sven Jaschan, the author of Sasser and Netsky.

Symantec believes that the shift is a result of the changing hacking landscape. Worms and viruses are increasingly used for identity theft or to create zombie PCs used to launch distributed denial of service attacks or send spam.

A virus that originally masqueraded as a DVD copying programme is erasing MP3 files on millions of computers around the world.

The recent outbreak of the W32 or Nopir-B was spread largely through shady sites devoted to exchanging music files.

The virus erases all MP3 files on infected computers and files ending in “.com”.

A double-edged threat that attempts to hijack PCs has surfaced in at least three variants, security companies warned on Friday.

The new pest, Lebreat, is a combined network worm and mass-mailing worm, F-Secure said. Once run on a PC, it installs a backdoor for hackers, downloads the mass-mailer code and attempts to launch a denial-of-service attack that targets security giant Symantec's Web site, the Finnish antivirus specialist said. The malicious code is also known as Breatle and Reatle at other antivirus companies.

A British anti-virus firm announced Friday hackers are breaking into computers by sending emails claiming Michael Jackson has tried to kill himself.

According to security software specialists at Sophos, the email contains the subject heading, "Re: Suicidal attempt." When opened, the body specifies, " "Last night, while in his Neverland Ranch, Michael Jackson has made a suicidal attempt."

Worm activity fell last month by over 80 per cent, according to research released today.

A study by managed email provider Frontbridge Technologies found that 319 million of the emails it handled in May were infected with some kind of internet worm, but that the figure dropped to 36 million in June.

"Despite a lull in activity last month, we still warn companies that the danger of viruses remains ever present," said Charles McColgan, chief technology officer at Frontbridge.

Less than a day after the explosions in London, a Trojan horse has appeared that poses as news footage of the attacks, MessageLabs said Friday. The malicious code arrives in an e-mail with the subject line "TERROR HITS LONDON" that is designed to resemble a CNN newsletter, the e-mail security company said.

E-worms and viruses have occupied more than their fair share of the headlines, this year.

That’s excellent news for the various security firms that exist to defeat them. But it’s not so good for computer users, especially for people who haven’t learned that it’s really unwise to open any piece of email with an .exe or some other suffix on the end.

And mobile users have had, and continue to have, problems of their own.

Trend Micro co-founder and chairman Steve Chang likens his company's mission to that of a firefighter whose goal is ensuring business continuance for its customers. In an exclusive interview, he told Database that compared with just a few years ago, today the stakes around Internet security were much higher than before, with threats everywhere now.

To cope with this, he explained that Trend Micro had tried to create a world class centre in the Philippines called TrendLabs, where new viruses are analysed and which responds to customers around the world.