
Viruses break new ground

By Ian Melamed
Johannesburg, 16 Jan 2001

Viruses are already causing havoc this early in the new year, with two new viruses breaking new ground, and an old faithful that just won't go away. First up is a wicked new virus that has popped up in Europe, where four companies are reported to have lost all their in an attack from a new HTML virus.

Keep those virus patterns updated! You never know what's coming.

Ian Melamed, chief technology officer, SatelliteSafe

Spain-based anti-virus developer Panda Software says Little Davinia, a worm, can wipe out all files on hard disks and network drives. It originated in Spain, and like Kakworm, it does not need to be opened; it simply needs to arrive embedded in HTML code in an e-mail to be triggered. It would seem to have been written by the author of ILoveYou. Once it has taken control, it sends itself to everyone in your address book, then overwrites all your files with HTML code that continuously displays an error window. Symantec has not reported it as being in the wild yet, but you've been warned!

* If that weren't enough, the first hypertext virus has been reported. PHP.NewWorld is the first script virus that can execute in a hypertext server environment. The virus has no payload and is not self-propagating, but is a "proof of concept" virus for the hypertext preprocessor (PHP) scripting language. Consider, though, that all scripting viruses first saw the light of day as proof-of-concept versions, leaving other software developers to add payloads and other destructive attributes. PHP is a server scripting language that allows programmers to embed code in it. In executing, PHP.NewWorld seeks files with php, htm, html or htt suffixes in the C:\Windows directory. All files found with these extensions are infected.

* I reported in November that the Hybris virus was proving to be a pernicious little monster. And so it's proven to be; after three months it shows no signs of slowing its spread, having stayed on global Top 10 lists for four months. Hybris's success is partly based on the fact that it's a full-blown 32-bit Windows program, rather than a VB script as so many other viruses are. Secondly, it spreads slowly and insidiously rather than at the lightning speed that was the trait of ILoveYou. And once it enters a computer, as usual through e-mail, it infects hundreds of files at breakneck speed. Finally, it uses encrypted plug-ins that it downloads off the Web to update itself, making its detection and deletion very tough. So remember, keep those virus patterns updated! You never know what's coming.

* While we're on the topic, the top 10 viruses in the world at the moment, as tracked by Trend Micro and listed from one to ten, are: Joke_Cursor.A, Troj_Navidad.E, PE_Funlove.4099, VBS_Loveletter.B, PE_MTX.A, TROJ_MTX.A, W97M_Marker, VBS_Kakworm.A, TROJ_Hybris.B, and TROJ_Navidad.A.

* The spectre of cyber-terrorism and cyber-war has raised its head again with a number of Indian Internet sites being hacked, ostensibly by Pakistanis. India and Pakistan are on a razor's edge over the Kashmir region, so it is hardly surprising that Pakistani hackers would use this mechanism to strike a blow at the Indians. You may recall that last year Palestine sympathisers launched all-out attacks on Israeli Internet sites and businesses. The Indian Central Bureau of Investigation (CBI) traced several of the hackers to Internet service providers in Pakistan, but doubted whether they would be able to catch and convict hackers without help from Pakistani authorities. Hackers broke into at least 635 Indian Internet sites last year. Indian companies on average spend only 0.8% of their technology budgets on security, against a global average of 5.5%. Great quote from the CBI: "We are convinced that cyber-crime is the crime of the future. It is now much more easily committed and less easily identified."

* Microsoft is in the news for the wrong reasons again. A flaw in its Internet Information Server has been exploited to access and deface the corporate Web site of UK mega-company Boots. The hacker replaced the corporate page with an essay on the mentality of hacking. This is yet another example of a site administrator not ensuring that the Web server, running Windows NT 4.0, had the latest fixes installed. Windows NT has been shown to be the most vulnerable and most hacked operating system.

(Sources: Reuters, Newsbytes, Hacker News Network, Silicon.com and Vnunet.com.)
