Viruses & Malware

Mobile virus epidemics: don't panic

posted on January 28, 2005
by hitbsecnews

Every time I lose my mobile phone, which happens far too often, I'm given the opportunity to check out the latest and greatest phone technologies available. This is great stuff. They have zoom lenses for pictures and Quicktime videos, they have high resolution color screens, wireless data access for my laptop, they play MP3s, send emails, and even sync my calendar and address book wirelessly with my desktop. With Bluetooth, WAP, and mobile browsers, these are tiny computers with far more power than most people give them credit for.

Forbot worm uses brute force to break into MySQL databases

posted on January 28, 2005
by hitbsecnews

Virus experts at Sophos have warned computer users about a new variant of the Forbot worm which targets MySQL open-source database software on Windows computers connected to the internet. MySQL is a popular alternative to Microsoft's SQL Server database software, and there are said to be more than 5 million installations worldwide.

The W32/Forbot-DY worm (also called UDF or MySpool) is the latest in a long line of worms in the Forbot family, which first began to appear in mid-2004.

Windows MySQL Worm on the Loose

posted on January 28, 2005
by hitbsecnews

A new worm has been discovered that is targeting MySQL Database servers running on Windows. It seems to have been able to infect a few thousand systems already and like many other similar worms it contacts an IRC server to get commands to go infect some more hosts.

AV firm warns of fresh Bagle variant

posted on January 27, 2005
by hitbsecnews

SECURITY FIRM F-Secure said it has issued a level two alert for a variant of Bagle which it said is propagating like crazy across the world.

The firm said Bagle.AT is a polymorphic worm arriving in emails and with a number of different headers.

It's similar to the other Bagles around, and attaches itself to emails as a .EXE file with .com, .exe, .scr and .cpl extensions.

Typical text strings include "delivery service mail", "delivery by mail", "registration is accepted", "is delivered mail" and "you are made active".

Mobile viruses just getting started

posted on January 27, 2005
by hitbsecnews

While viruses that attack phones are few and far between now, when they get traction -- and they will -- the lousy state of security in smart phones means trouble for users and providers, an analyst said this week.

Most of the mobile malicious code that's popped up so far -- such as Cabir, a worm that's spread to several countries via Bluetooth-enabled phones -- isn't dangerous or destructive, said Brian Pellegrini, a wireless analyst with ABI Research.

Trojan Steals Usernames and Passwords for Fantasy Role-Playing Game

posted on January 27, 2005
by hitbsecnews

Virus experts at Sophos have reported that a new Trojan horse, Troj/LegMir-Y, is designed to steal usernames and passwords from players of a massive multi-player internet role-playing game.

The LegMir-Y Trojan horse attempts to steal passwords and user information from players of the massive medieval fantasy role-playing game, ‘Lineage’. ‘Lineage’ is played over the internet and has millions of subscribers around the globe, many of them in South Korea, which has an advanced internet infrastructure.

Running Windows viruses with Wine

posted on January 27, 2005
by hitbsecnews

It just isn't fair that Windows users get all the viruses. I mean really, shouldn't Linux users be in on the fun as well? Well... thanks to the folks running the Wine project, Linux users can "catch the virus bug" too -- sort of.

Linux just isn't user-friendly when it comes to viruses. You have to work to find and run them. It doesn't happen automatically as it does with Windows. The GNU/Linux folks really should improve this glaring discrepancy.

Trojan piggybacks on Microsoft patching

posted on January 27, 2005
by hitbsecnews

Microsoft's patch process has spawned an attempt to fool Windows users into downloading and installing a Trojan horse.

A fake e-mail message, sent to CNET News.com, purports to be a Microsoft security notification about problems with the Windows operating system. The message, which carries the subject line "MS Windows/Critical Error," attempts to fool PC users into downloading and installing an attached program. However, numerous spelling and grammar errors in the message could tip people off to the danger.

Messenger worm out and about

posted on January 27, 2005
by hitbsecnews

A NEW WORM that piggybacks on MSN Messenger and Windows Messenger IM client is winging its way around the net. Dubbed "Bropia.A," once the worm has installed itself, it sends a copy to all your Messenger contacts. [Didn't we write about this last week? Ed.]

It then downloads a Trojan horse program, Rbot, which is a back door into the computer. This then logs user keystrokes to collect system information, and spreads instant messaging spim. It also shuts off the right mouse button of the infected machine to block access to context-sensitive menus.

Trojan targets online gamers

posted on January 27, 2005
by hitbsecnews

Security experts have intercepted a Trojan designed to steal usernames and passwords from players of the popular online multiplayer game Lineage.

The game involves players wandering around an online landscape, collecting magical items and slaying monsters or sometimes each other. The virus code, named LegMir-Y, sits on the host PC and attempts to steal players' login details.