KamaSutra, Nyxem, Blackmal and Mywife are one and the same. Defining new viruses is such a frenetic process that agreeing on a single name presents a challenge.
Without common names, it is nearly impossible to identify a wide range of attacks, according to a SecurityFocus article. On the other hand, anti-virus companies need to rush definitions to the public, most often resulting in every company calling the virus by a different name.
"I often wondered what biologists would do if they were discovering hundreds of species every week, and the same new species all over the world at the same time," said Joe Wells, chief scientist for security research at anti-spyware software maker Sunbelt Software. "They would have the same problems we have."
The Common Malware Enumeration (CME) Project, although not intending to solve the naming problems for consumers, aims to provide a neutral common identifier, such as "CME-24", that incident responders can use.
Although a good idea in theory, this concept has its own problems. The media will not likely favour the name CME-24 as it is certainly not as "punchy" as KamaSutra. Nor does it have an easy association with the virus definition itself, which will lead to further confusion.
A classic case of agreeing to disagree, this problem is not an easy one to solve.
The doctor is in
McAfee has rectified, by means of an update, the calamity a previous virus pattern caused. This virus definition incorrectly flagged system files (including Microsoft Excel, Google Toolbar Installer, Macromedia Flash Player and Windows XP files) as malware and either quarantined or deleted them. Is it not ironic that McAfee inadvertently unleashed the exact thing it is protecting its customers against?
Ilva Pieterse, ITWeb contributor
As a remedy, McAfee published a full list of files that were incorrectly flagged and asked "users who have moved detected files to quarantine should restore them to their original location. Windows users who have had files deleted should restore files from backup or use System Restore."
An apple a day
Apple has issued a patch that repairs five vulnerabilities in its OS X operating system and bundled applications. The fixes also address problems caused by a previous patch, which aimed to fix issues connected to a series of worms and proof-of-concept code.
The most serious of these flaws allowed hackers to execute arbitrary code using the Safari browser or mail application.
Hopefully lessons have been learnt and these oversights will not become a common occurrence.
Despite these vulnerabilities, OS X was a winner at the hacking challenge hosted by Wisconsin University, as discussed last week. The site received half a million requests, with 4 000 login attempts via SSH, a program used to log into another computer over a network. The contest was brought to a close after 38 hours without the Mac being successfully penetrated.
Phishing fiasco
Last week saw lawsuit threats, this week it is monetary offerings. This latest phishing scam presents Chase Manhattan's online banking customers with a phoney $20 prize for completion of a sham survey.
The scam claims it is sourcing usability feedback for the Chase online banking site, but in reality it entices users to another site where it attempts to acquire user names, passwords, PIN numbers, card verification numbers, mother's maiden names and Social Security numbers.
Although resembling any other phishing scam, this one is different. Attackers are using a Web site run by a state-operated Chinese bank to host the scam, burying phishing pages within the server of the China Construction Bank (CCB). It is said to be the first time one bank's infrastructure is being used to attack another financial institution.
Sources used: VNUNet, IDG.net, Techworld, SecurityFocus