Viruses & Malware

China's anti-cyber virus authorities has warned that a deadly new virus, transmitted by Microsoft's MSN (Microsoft Service Network) instant messaging programme, can steal registered users' accounts and passwords, eventually causing economic losses.

On the computer hit by the virus, the MSN friend list will display a message telling the user's account has been cancelled and recommending a Website where the user can find out who did this, experts with the National Computer Virus Emergency Response Centre said.

The Storm worm botnet - responsible for plenty of global IT misery - seems to be getting chopped up for sale to cyber-dodgies.

Joe Stewart, a blogger at security specialist SecureWorks and expert on Storm, says the new variants are using a 40-byte key to encrypt their Overnet peer-to-peer traffic.

Each node can only communicate with nodes using the same key.

This, he wrote in a blog today, allows the Storm author to divide the botnet into smaller networks.

Viruses wreaked havoc on at least 1 million personal computers during the weeklong National Day holiday, according to Jiangmin Co, a leading Chinese anti-virus company.

The company's monitoring system detected that more than 118,000 computers crashed on Oct. 6 alone.

"Viruses have been extremely active during the long vacation because more people chose to stay at home and surf the Internet, shopping online or playing online games," He Gongdao, an anti-virus expert at Jiangmin, said on Monday.

Emails posing as nude pictures of the actress Angelina Jolie have been blamed for a surge in malware last month, according to Sophos.

The jump is attributed to a hacking campaign using the Pushdo Trojan during the second half of September.

Messages promising images of actresses such as Halle Berry and Jolie, were sent to recipients with malware designed to give the hackers control of infected computers.

According to Sophos, the Pushdo Trojan accounted for nearly four in every five malicious emails during a single 24-hour period last month.

A project aimed at developing defences against malware that attacks unpatched vulnerabilities involved tests on samples developed by the NSA.

The ultra-secretive US spy agency supplied network testing firm Iometrix with eight worms as part of its plans to develop what it describes as the industry's first Zero-day Attack Test Platform.

As the so-called Bubbles worm continues to wind its way across the Web, passing itself along via the contact lists and chat feature of people's Skype VoIP calling software, researchers have now isolated a far more devious iteration of the virus.

According to experts working on the SpywareGuide blog -- which is run by security vendor FaceTime Communications -- one new version of the threat has moved it from nuisance stage -- it previously posted the "Bubbles" screensaver in Windows onto affected users' machines -- to the nasty stage -- adding a keystroke logging program.

Security mavens from Kaspersky say they have discovered a nasty virus that came pre-installed on Maxtor external hard drives sold in the Netherlands.

A 13-year-old virus not seen since the heyday of the floppy disk drive is believed to returned, infecting up to 100,000 laptops during manufacture by German vendor Medion.

The exact number of systems affected by the 'Stoned.Angelina' virus is not known, but the consignment of between 10,000 and 100,000 Medion laptops was destined for sale in Danish and German outlets of European retailing giant Aldi. The company also sells Medion laptops in the UK.

Skype Ltd. warned its users Monday that a worm targeting Windows PCs is spreading through the service's instant messenger, making the Voice over IP (VOIP)'s chat software the latest to come under the hacker gun.

In another example of how legit and mostly decent companies can have their user trust abuse in in this latest scandal involving Yahoo. An ad company that Yahoo owns, Right Media, served up some particular advertisements several million times that ended up being loaded with Trojans. These ads, while all over the Internet, were most prominently featured on MySpace and PhotoBucket – not shady warez sites.

The issues began last month, and according to ScanSafe the articles were seen many, many times.