Vulnerabilities / Threats
12/28/2012
06:04 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

PandaLabs Reveals Most Unique Viruses Of 2012 In Its Annual Virus Yearbook

These viruses stand out from the more than 24 million new strains of malware that emerged

ORLANDO, Fla., Dec. 27, 2012 /PRNewswire/ -- PandaLabs, the antimalware laboratory of Panda Security, the Cloud Security Company, has published its Virus Yearbook for 2012, outlining its picks for the most unique viruses of the past year.

Rather than a ranking of the most widespread viruses, or those that have caused most infections, these viruses are ones that deserve mention for standing out from the more than 24 million new strains of malware that emerged.

-- Police virus: This strain of malware caused most headaches for users and IT departments alike. It purports to show a message from the police telling users that their computer has been blocked - which it has - because they have supposedly downloaded illegal material. To recover their systems, users are asked to pay a fine. The most recent versions even show images taken with the user's webcam, making the scam all the more realistic. -- Flame: A close relative of Stuxnet, Flame is one of the most powerful cyber-war tools created so far, and infections have been focused primarily in the Middle East. -- Flashback: A bot that breaks away from the norm of infecting Windows and targets Apple systems and attacks thousands of Mac computers around the world. Since it appeared, Mac users are no longer quite as relaxed about security as they once were. -- Zeus: A Trojan that steals information from users of online banking services. This family of malware has been known for some time, yet it continues to spread. However this year new variants were detected, which in addition to infecting computers, compromise security on smartphones (Android, BlackBerry, Symbian), targeting those banks that send information via cellphone to customers as an additional security measure. -- Koobface: The most mendacious malware of the year, spent the whole of 2012 spreading endless lies on social networks in order to infect users. In one attack it related a spurious story about President Obama having punched someone who racially insulted him. So beware of sensational stories on social media, this is a favorite trick of cyber-crooks. -- BlackHole Exploit kit: One of the most popular kits for creating malware over the last year. It exploits numerous security holes to install and uses all types of exploits, particularly Java and Adobe. -- DarkAngle: A fake antivirus that poses as Panda CloudAntivirus. It takes advantage of the renown of Panda Security's free cloud antivirus to infect as many computers as possible. -- Ainslot.L: When it infects, the Ainslot.L bot scans computers and removes any other bots it finds. -- Kuluoz: A worm that refers to things supposedly bought only and then infects computers. The worm arrives in an email that looks as though it has been sent from FedEx, and tells users they have a parcel to collect. More information is available in the PandaLabs Blog.

About PandaLabs Since 1990, PandaLabs, Panda Security's malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda's user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day. This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com. Follow Panda on Twitter at http://twitter.com/Panda_Security and Facebook at http://www.facebook.com/PandaUSA.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.