Viruses & Malware

Technicians at British anti-virus firm Sophos said on Friday they had discovered a plea for work inserted deep in the lines of code for two new computer worm outbreaks, "MyDoom-U" and "MyDoom-V."

"We searching 4 work in AV (anti-virus) industry," read the message. Because it was inserted in the code, the message was only visible to anti-virus professionals.

While the calling card may have won the programmer points for creativity, the anti-virus community was not impressed.

The fallout from the Netsky/Bagle virus war earlier in the year is persisting, according to antivirus companies.

Figures released by Sophos, Kaspersky and Trend Micro for August show variants of Netsky, Bagle and Mydoom all topping the charts.

Although the number of new viruses continues to increase they are less effective at spreading, so general virus activity is down on this time last year.

Alfred Hitchcock, that great magician of the big screen, often said that to maintain suspense, the audience needed to know more about the situation than the characters in the film. Therefore, while Ingrid Bergman or Cary Grant walked down a hall or through city streets without a care in the world, the spectator noticed a suspicious shadow, or flock of birds in a tree.

Despite a huge number of viruses released onto the Internet during August, infections were dominated by variants of old-timers

The number of new viruses released onto the Internet reached a 33-month high during August, but infections were dominated by old-timers that were used primarily to seed networks for spammers.

In their virus reports for August, software and Internet security companies said that viruses such as Netsky, Zafi and MyDoom, together with their variants, continued to dominate the charts.

A new Bagle dropper and downloader, Bagle-AQ, was bulk mailed to numerous internet users yesterday. The malware arrives in email with subject and email body foto and attachment called foto.zip that poses as a file containing photographs.

It's not a lunar lander and it's not a new breed of killer mosquito. It's a very common bacteria-eating virus and researchers have a closer look at it now than ever before.

Online banking customers should be wary of a new series of Trojan horses out to filch financial information, said a security firm Monday.
The Tolger line of Trojan horses, said U.K.-based Sophos, target online users of a slew of British-based banks, including users Barclays, HSBC, Lloyds, and Nationwide.

Jiangmin Science Technology Co Ltd said yesterday that it had detected a computer virus, which can specifically steal files with names such as "exam" or "test questions," possibly leading to leakage of exam papers.

The virus, named "exam theft," can infect Microsoft Word and Excel files and upload the ones with the special names to fixed IP addresses. After that, the author of the virus can get the tainted files and probably access questions in exam papers beforehand, Shanghai Daily reported Monday.

Virus writers have unleashed the first program that infects 64-bit Windows files, antivirus firm Symantec have said.

The virus, dubbed W64.Shruggle by Symantec, seems mainly to be an experiment to test the concept of a 64-bit infecter and is not actively spread, said Alfred Huger, senior director of security at Symantec.

"The most interesting thing about this is that virus writers are already developing for the 64-bit platform," he said.

A new version of the worm that spread from infected Microsoft web servers in June has been identified and is using instant messages and infected websites in Russia, Uruguay and the USA to spread itself, according to one security company.
Researchers at PivX Solutions of California, have intercepted new malicious code closely resembling that from widespread attacks in June attributed to a worm named "Scob" or "Download.ject."