Viruses & Malware

The frenzy surrounding the latest Harry Potter cinematic offering is helping to keep the prevalent NetSky-P worm alive.

Its accused maker may be awaiting trial in Germany, but the NetSky virus is still dominating the virus hit parade in May.

Variants of NetSky occupy seven — or perhaps eight — of the "Dirty Dozen" top viruses compiled monthly by anti-virus experts at the Ohio-based computer security company Central Command.

The No. 1 virus on the list is Sasser, which accounted for almost half of all infections reported to Central Command. But the 18-year-old German accused of creating the NetSky virus has reportedly confessed to making Sasser too.

A NEW WINDOWS worm that steals online banking information, and secretly transmits it back to its creators has been spotted in the wild.
The Korgo worm uses holes in the patchwork quilt which is Windows, despite the fact that the hole was patched by Vole in April. According to a spokesman for F-Secure the worm keeps spreading and it's aggressively stealing user information from infected machines. It does this via a keylogger, which specifically collects user logins for online banks.

Virus writers have used code from the infamous Mydoom worm to create a potentially dangerous new Internet worm which uses multiple methods to spread.

Plexus-A spreads using three different methods: infected email attachments, file-sharing networks and Windows vulnerabilities (the LSASS vulnerability used by Sasser and the RPC DCOM flaw used by Blaster). The as yet unknown virus authors used MyDoom source code as the basis for creating Plexus, according to an analysis of the worm by Russian AV firm Kaspersky Labs.

THE COMPUTEX press office is filled with hacks from all over the world and they're all gnawing their knuckles because their news editors are shouting at them to file their stories.
But the problem is they can't, because the rather nice looking Shuttle boxes and Shuttle monitors don't give no satisfaction.

It's not the fault of the hardware though. A worm has obviously struck the network, as we found out when we plugged an Ethernet cable into our notebook to see our firewall shouting "help, help".

Although less new malicious code appears to be being written, viruses and worms are continuing to cause problems around the world, says Trend Micro

Despite worms such as Sasser, Bobax and Wallon wreaking havoc throughout May, security vendor Trend Micro says it detected fewer examples of new malicious coding last month than it did in April.

Computer viruses designed to steal victims' personal and financial information -- names, addresses, and credit card numbers -- are becoming increasingly widespread on the Internet, according to an Internet-security trends report by security software maker Symantec Corp. Unfortunately, companies are trying to limit their liability when such online security breaches hijack customer data.

Canada has just analyzed the first known 64-bit malicious threat. The virus, called W64.Rugrat.3344, is a "proof-of-concept" virus and is not spreading in the wild, although it is the first known threat to attack 64-bit Windows executables successfully. The threat does not infect 32-bit executables and will not run on 32-bit Windows platforms. It only targets Win64-bit systems.

Computer worms will cost European ISPs an estimated 123m this year, according to a study by Sandvine. The Net traffic management firm says its study shows attacks on European service providers are now a daily occurrence.

A mass-mailing worm known as Lovgate.AB has been upgraded to a medium-level threat by anti-virus company Network Associates.

This follows the receipt of over 100 samples of the worm from both customers and through virus-generated emails around the world.

The worm affects systems running Windows NT, Windows 2000, Windows Server 2003 and Windows XP. Other variants of Windows and systems running Linux, OSX, any Unix or OS/2 are not affected.