By Jay Lyman TechNewsWorld Part of the ECT News Network
08/10/04 2:42 PM PT
In an earlier era, a worm like Bagle would be released, then a few variants of that worm would follow. The new trend is for virus writers to "seed" their viruses by releasing a handful of variants at the same time, iDefense analyst Ken Dunham said. These tsunami-like attacks are intended to overwhelm antivirus software.
Computer viruses and variants have been known to reemerge after a lull in activity, but the latest case, the Bagle.aq virus, highlights continued security problems. Many users are unaware that they are acting as a relay for malicious code, spam and more.
The threat level for Bagle.aq was raised by antivirus giant McAfee, which said that the virus -- a descendant of the relentless string of Bagle, Netsky and MyDoom worms that slowed the Internet and confounded virus fighters earlier this year -- was spreading primarily among home users.
Security experts said that both the number and the danger of variants -- which now include built-in SMTP spamming engines, as well as Trojans that allow future access -- continue to rise, leaving the Internet community as a whole at greater risk.
"They [virus writers] know as well as we know that there are thousands of machines out there that are not protected," McAfee AVERT vice president Vincent Gulotto told TechNewsWorld.
Growing Virus Families
In an earlier era, a worm would be released, then a few variants would follow. The new trend is for virus writers to "seed" their viruses by releasing a handful of variants at the same time, iDefense director of malicious code Ken Dunham said. These tsunami-like attacks are intended to overwhelm antivirus software.
"We've seen a dramatic increase in waves of attack and multivariant families," Dunham told TechNewsWorld. "When there are multiple variants and they are randomized, it makes it difficult to identify them and know what you're dealing with."
Dunham added that sharing of virus code and collaboration among virus writers is also increasing.
Woes of Worm War
The new Bagle variant makes clear that the viruses that infected machines and clogged Internet traffic last year still account for the bulk of viruses in circulation, Dunham said.
McAfee's Gulotto said that security experts had confronted "wars" in the past, but nothing to compare with what played out last March and April, when virus writers exchanged barbs using variants of the three nasty worms.
Search and Spread
Gulotto said most worms today do not damage data or machines, but rather commandeer PCs to spread themselves further or send spam.
"The number [of virus writers] is going to grow as the Internet grows," Dunham said. "As the use of the Internet, the complexity and integration continue to grow, so does the evolution of hacking."