Viruses & Malware

While the whole world is gearing up for a mushy weekend, Imperva is warning consumers to go easy on the word love. People still remember the I LOVE YOU virus that infected machines a decade ago but they still have not stopped using "iloveyou" as their password.

According to Imperva, "iloveyou" is the fifth most common password, "lovely" is at number 18, "loveu" is number 23 and "loveme" is number 43. Apparently, hackers know this and they are all set to misuse personal information on social networks like Facebook.

Researchers discovered a new banking trojan that is being used to steal the financial credentials of customers at approximately 15 large- and mid-size U.S. banks.

The "Bugat" trojan, discovered by SecureWorks researchers in January, has capabilities similar to the notorious data-stealing trojans Clampi and Zeus, Jason Milletary, security researcher with SecureWorks' research team, the Counter Threat Unit (CTU), told SCMagazineUS.com on Tuesday.

Servers on the network of Leeds Primary Care NHS Trust were struck down by the Conficker worm late last week.

The malware infection struck on Friday and forced administrators to take a handful of infected servers offline, in phases, in order to apply deworming tools. Trust PCs were not infected by the attack, which a leaked memo blamed on the connection of an infected laptop onto the network.

IT security firm Sophos today released a list of the top ten countries hosting malware on the web, indicating which territories are the biggest offenders.

Sophos detected over 50,000 newly infected web pages every day with its findings revealing that the problem of compromised websites is truly global. Top ten countries hosting malware on the web, January - December 2009:

Threats to payment processing security do not just come in the form of credit and debit card skimming or employee theft of cardholder data - certain types of internet-facilitated malware, called crimeware, can be extremely damaging to payment processing security, said a recent report.

Experts agree that Windows 7 has enhanced security to ward off attacks on vulnerabilities in old software. But what if a money-minded online scammer can persuade you to download malware onto your PC?

"Windows 7 is more secure, and upgrading to it is a big improvement," says Chester Wisniewski, a senior security advisor with software-maker Sophos. "But it's not going to stop malware in its tracks."

It seems that hackers and malware authors are using new techniques to infect your home or office PC, as veteran IT security vendor Sophos has spotted a rash of fake Amazon `shipping email updates' over the weekend.

Build-your-own-botnet kits based on a family of malicious software known as Zeus account for about one out of every ten botnets, according to data collected by security firm Damballa.

The past year set a new record for malware creation with 25 million new strains, according to a new report by PandaLabs.

The latest surge of activity included new examples of banker Trojans, which accounted for 66 percent of all new samples, as well as a number of fake antivirus programs.

During 2009, spam was also highly active, accounting for 92 percent of all email traffic. The tactics used to dupe potential victims into opening these spam emails have focused on exploiting current events and dramatic news stories.

I have often recommended file-scanning services like VirusTotal and Jotti, which allow visitors to upload a suspicious file and scan it against dozens of commercial anti-virus tools. If a scan generates any virus alerts or red flags, the report produced by the scan is shared with all of the participating anti-virus makers so that those vendors can incorporate detection for the newly discovered malware into their products.