Bugs & Viruses Archive

The Word Trojan: Anatomy of an Online Story

"Lately I've been blogging quite a bit on the state of on-line journalism. One aspect of that topic that I haven't touched on for awhile is the way in which a story breaks, builds, morphs and spreads electronically. The recent announcement of the Backdoor.Ginwui virus provides an interesting opportunity to do this once again, in order to see who addressed the story and how (including by me), and what, if anything, it all means." OSNews did not report on this Backdoor.Ginwui virus.

Cross-Platform Sample Virus Targets Windows, Linux

Virus researchers at Kaspersky Lab have found proof-of-concept code for a cross-platform virus capable of infecting both Windows and Linux systems. In an alert posted to Viruslist, Kaspersky said the sample virus has been given a dual name - Virus.Linux.Bi.a/ Virus.Win32.Bi.a - and highlighted the way attackers are targeting multiple platforms in malware attacks. "The virus doesn't have any practical application," the company said in the alert. "It's classic proof-of-concept code, written to show that it is possible to create a cross-platform virus."

First Cell-Phone Java Trojan on the Loose

Alerts went out Tuesday from several security companies warning users of an in-the-wild Trojan horse able to infect nearly any cell phone. The Trojan, named Redbrowser.a by McAfee, F-Secure, and the discovering vendor Kaspersky Labs, can attack any device - smart phone, PDA, or cell phone - that runs Java 2 Micro Edition, Sun Microsystem's version for consumer electronics devices.

Virus Shuts Down Russian Stock Exchange

Trading was suspended for an hour at Russia's main stock exchange because of a computer virus, the Russian Trading Systems, or RTS, said Friday. Data processing was paralyzed late Thursday afternoon as specialists rushed to localize the virus and switch off the infected computer, according to a statement from the exchange. No permanent damage was caused and no information was lost. Spokeswoman Zoya Konovkova said it was not clear what virus had led to the shutdown. According to RTS vice president Dmitry Shatskoi, the virus entered the system via a computer used to test new software, which was connected to the Internet.

Humanity Survives Kama Sutra Apocalypse

Security watchers say the Kama Sutra worm, which is programmed to overwrite files on infected Windows PCs today, will have a damaging but not catastrophic effect. The Kama Sutra worm (or Nyxem-E or Blackworm) poses as an email message offering a variety of salacious content. Subject lines used in the malicious emails include: The Best Videoclip Ever, Fw: SeX.mpg, Miss Lebanon 2006 and Fuckin Kama Sutra pics. The worm, which can also spread across network shares, only affects Windows PCs.

Worm Set to Delete Data Files on February 3

While the most high-profile security vulnerability of late was almost certainly the WMF hole recently patched by Microsoft, in terms of actual numbers of infections it was barely a blip on the radar. According to the anti-virus company F-Secure, one of the most populous and dangerous infections today is not some sophisticated bit of code exploiting a new and exotic security hole, but an old-school e-mail worm written in Visual Basic that spreads by tempting users with free pornography.

Viruses Use Sony Anti-Piracy CDs

Virus writers are exploiting Sony's controversial anti-piracy software to hide their malicious creations. In late October Sony was found to be using stealth techniques to hide software that stopped some of its CDs being illegally copied. Now three virus variants have been found that use the Sony software to evade detection by anti-virus programs. The rootkit is also installed on Mac OS X systems.

History’s Worst Software Bugs

This article lists the 10 worst software bugs in computing history. "In 1945, engineers found a moth in Panel F, Relay #70 of the Harvard Mark II system. The computer was running a test of its multiplier and adder when the engineers noticed something was wrong. The moth was trapped, removed and taped into the computer's logbook with the words: "first actual case of a bug being found."

Virus-safe Computing

Many virus attacks aren't really exploiting weaknesses in your operating sytem: they're simply tricking you into telling the OS to do things that it shouldn't do. The OS is just doing its job, executing code when you say so. Researchers at HP Labs are working on a solution to this problem using the Principle of Least Authority, or POLA -- "limiting the rights of each program to only the ones needed for the job the user wants done"

Put spyware on the security map

When is a virus not a virus? When it's a piece of spyware. Spyware - also known as advertising-supported software or adware - has been until recently a fairly benign snooper on your surfing habits. The data it gathers from your visit is used to target you with tailored advertising, either in pop-up windows or emails. read more

The invisible threat from mobile devices

With the increasing convergence of phone and network aware devices, come new and often unnoticed threats. Features such as built-in cameras, wireless networking, Bluetooth, calendars, phone books, all present their own particular problems, and associated risks. My Take: Some claim that mobile devices are developed with less security in mind than any desktop OS ever was and that this will bite back users in a few years when the "mobile platform" becomes less diverse and instead more compatible.

FireFox/Mobile Security News

The UK security research company, Secunia said that it has found a critical security flaw in Firefox web-browser that could put users at risk of information disclosure attacks. In other security news, a variant of the Cabir mobile virus, which was developed at first to prove it is possible, called Mabir, has been targeting mobile phones using Symbian Series 60 operating systems.