Viruses & Malware

With the proliferation of communication tools, spyware has exploded as a tool used by hackers to track and steal personal data, say specialist Internet security company, McAfee.

As PCs and laptops become more secure cyber criminals have moved their attention towards popular, new technology in an attempt to prey upon users that have their guard down when it comes to new devices, the company says.

Spyware encompasses a host of software technologies designed to illicitly gather data.

Major computer viruses over the last 25 years:

ELK CLONER, 1982: Regarded as the first virus to hit personal computers worldwide, "Elk Cloner" spread through Apple II floppy disks and displayed a poem written by its author, a ninth-grade student who was designing a practical joke.

BRAIN, 1986: "Brain" is the first virus to hit computers running a Microsoft Corp. operating system _ DOS. Written by two Pakistani brothers, the virus left the phone number of their computer repair shop.

Although Alex Eckelberry of Sunbelt Software believes fully patched IE and Firefox systems should be safe from the corrupted Bank of India website, it's probably best to avoid the site until a massive malware problem has been corrected.

Just as it happened with the Dolphin Stadium website before the most recent Super Bowl, the Bank of India website has suffered an attack that dumps malware onto a visitor's system. A code injection attack appears to be the vector used.

Almost a quarter of internet-connected Britons have suffered from a virus attack in the past year, according to astonishing new figures from the Office of National Statistics.

Asked if their computer had been affected by a virus in the past 12 months, 23% of respondents claimed it had.

Online bankers beware. TierOne Bank sent out an e-mail to their customers warning them about a new virus that could trick customers into giving personal information to a computer hacker and not even know it. A new an nasty computer virus can disguise itself as a message from your bank that pops up while you're banking online. So far, no TierOne customers have fallen victim to this scam. It's one in a slew of viruses and spam messages aimed at people online.

Storm, the Trojan that Hoovers PCs into hacker-controlled botnets, roared back into life last month in several waves, security researchers said earlier this week, and has blown by 2005's Sober to become the most prolific e-mail-borne malware ever.

Spammers have moved from targeting Yahoo accounts to send out spam and have now focused their attention on Gmail and Hotmail.

Criminals have worked out a way of bypassing the captcha security that should prevent automated systems from creating operational email accounts from which to churn out spam, according to research carried out by anti-virus company BitDefender.

Trend Micro says a large-scale security attack could be about to launch on the web after its researchers spotted a Russian server loaded with more than 400 different pieces of malware.

Chenghuai Lu, a senior threat analyst at Trend Micro, has uncovered a site with several hundred malicious programs and traced the site's server to a Russian IP address. Among the harboured malware were examples of three Trojan families: Dropper.cko, Clicker.qu and Polycrypt.g. All three clans typically hijack Internet Explorer on compromised PCs and direct users to adult websites.

Security firm Sophos reports that a mass mailing email worm is doing the rounds carrying the W32/Romario-A variant.

As is always the case with these security alerts, the email plays off the recent popularity of Nintendo gaming platforms the Wii and DS. The attempt is to socially engineer the reader into clicking on a link to play a classic Mario game.

Once clicked the link does indeed launch a game containing the moustachioed, pint-sized, overall lover.

But, in the background more sinister code is at work as the worm is installed.

PayRob.A is a Trojan designed to steal data from PayPal accounts. Like most Trojans, PayRob.A cannot spread by itself, but needs intervention from a malicious user to reach computers.

If the targeted user runs the file carrying PayRob.A, it gives itself hidden file attributes and modifies the Windows Registry to ensure it is run whenever the system is restarted.

The Trojan creates two files on the infected computer in the temporary Internet files folder and in C:\WINDOWS\MSAPPS\. If the latter folder is not found on the system, an error message is displayed.