Viruses & Malware

A virus never sleeps. And it seems they don't stop mutating and breeding, too, as there are two new threats to computer users: BDSinit-A and Webber-C.
Strictly speaking, they are back-door trojans rather than 'viruses', but they both allow a remote attacker to control your system. The anti-virus specialist Sophos has already received several reports from the wild for both the threats.

BDSinit-A works by copying itself into the Windows system folder as svcinit.exe and modifies the Registry for it to be executed on system start-up.

This week computer viruses celebrate 20 years of causing trouble and strife to all types of computer users.
US student Fred Cohen was behind the first documented virus that was created as an experiment in computer security.

Now there are almost 60,000 viruses in existence and they have gone from being a nuisance to a permanent menace.

Virus writers have adapted to new technology as it has emerged and the most virulent programs use the net to find new victims and cause havoc.

The cable company has won thousands more broadband users, but says that virulent code is partly responsible for scaring others away

New versions of the Mimail e-mail worm are circulating on the Internet, according to alerts issued Monday from leading antivirus software companies. The new variants are similar to a version of the worm that appeared last week, Mimail.C, and contain instructions to launch distributed denial of service (DDoS) attacks against a number of antispam and e-commerce Web sites, according to alerts posted by Sophos, Symantec, and others.

A self-mailing worm spread at such a rapid clip Friday that several security firms raised their threat assessments to alert users of the danger.
The worm, pegged as Mimail.C by most antivirus vendors, was discovered just after midnight Friday and is a variation of similar malicious code launched in August. That trend--one successful worm tweaked to create another--is nothing new; the most notable example has been a series of worms dubbed as Sobig, whose latest incarnation last struck in August and September.

A NEW variant of the MiMail worm family, version C, is proliferating across the world, according to security firm iDefense. MiMail.C has a DDoS component to attack DarkProfits domains and there's likely to be increased activity on Port 80, according to Ken Dunham a security officer at the firm.

He says it's dangerous for corporation, many of which allow people to transfer ZIP files to each other using email. That means, he says, that MiMail.C "has the upper hand when infiltrating networks configured to allow ZIP attachments".

BRITISH firms are among the most lax in western Europe when it comes to electronic security.

Despite new virus threats appearing regularly, almost one third of all companies in the region have failed to take any measures against digital attack, according to a survey by the McAfee security division of software firm Network Associates.

While German and Swedish businesses are the most secure against attack, British and Dutch firms are most vulnerable.

An e-mail-borne virus which, apparently, originated in Germany is in the wild but has not yet spread widely or affected many users, according to a McAfee Security research engineer.

The worm-type virus, called W32/Sober@MM, or Sober, spreads as an attachment to a variety of e-mail messages written in either English or German, said McAfee virus research engineer Craig Schmugar.

Some of those e-mail messages identify the attachment as an update to Kaspersky Labs or Symantec Norton AntiVirus software.

A new virus threat called Sober could be causing a few headaches today, according to antivirus researchers.
The Sober worm, spotted in the last 12 hours, is a traditional attachment-based piece of malware that uses social engineering to trick people into activating its payload.

In contrast with the Flea virus discovered last week, which so far appears to have failed to bite, Sober hides its code in an HTML email. Microsoft Outlook users can activate the payload just by opening the email.

ANTI VIRUS firm F-Secure said it has raised the level of danger to two on the Flea computer worm, which sits in HTML-mail and auto activates when a message is opened using Microsoft Outlook.
The Flea then connects to a web site, and delivers its bite by executing Javascript code without users being aware of what it's doing.

Level two is the second highest alert level in F- Secure's classification.

The firm said it has received many reports of this worm affecting computers in Asia and Europe.