Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

12/20/2010
03:56 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

PandaLabs Recaps Year Of Malware With Its Virus Yearbook 2010

PandaLabs received more than 20 million new strains of malware

ORLANDO, Fla., Dec. 20, 2010/PRNewswire/ -- PandaLabs, Panda Security's anti-malware laboratory, is closing the year with a look at some of the unique and noteworthy viruses that have appeared over the last twelve months. The list of viruses is vast and varied, since in 2010, PandaLabs received more than 20 million new strains of malware.

This compilation does not contain the most prolific threats or those that caused the most infections, but is simply some of the viruses that caught PandaLabs' eye. The viruses that are included in the 'Virus Yearbook 2010' are:

-- The Mischievous Mac Lover:This title was earned from a remote-control program with the unsettling name of HellRaiser.A. This virus only affects Mac systems and needs user consent to install on a computer. Once installed, it can take remote control of the system and perform a host of functions, including opening the DVD tray. -- The Good Samaritan:Bredolab.Y came disguised as a message from Microsoft Support claiming that a new security patch for Outlook needed to be installed immediately. Upon download, users were exposed to the SecurityTool rogueware, which told users their systems were infected and then offered a fake solution that many fell for and purchased. A picture available of this Microsoft message is available at: http://www.flickr.com/photos/panda_security/5266665446/ -- Linguist of the Year:MSNWorm.IE emerged as a virus that was distributed via MSN Messenger with a link tempting the user into viewing a photo. This virus was created in 18 languages and always featured an emoticon at the end ":D" of each note. A screenshot of this MSN Message can be seen here: http://www.flickr.com/photos/panda_security/5266665496/ -- The Most Audacious:The Stuxnet malicious code was designed to target SCADA systems, i.e. critical infrastructures. The worm exploits a Microsoft USB security hole and has the sole intention of silently manipulating the core of industrial control systems. -- The Most Annoying:Oscarbot.YQ was a virus that infected your computer and continually prompted a pop-up window to ask users, "Are you sure you want to close the program? Yes - No?" Regardless of how many times users would close the window the same screen would appear repeatedly. You can see a screenshot of this message here: http://www.flickr.com/photos/panda_security/5266665546/ -- The Most Secure Worm:Clippo.A, a name that might remind some users of "Clippy," the Microsoft office assistant, is the most secure worm. Once installed on a computer, it password-protects all office documents. A user then can't open any documents without a password. There is no financial motivation for this worm, but it is yet another example of an annoying virus. -- A Victim of the Crisis:Viruses oftentimes mirror the state of the global economy. Typically, all ransomware (programs that block computers and demand a ransom to release them) demands a fee upwards of $300 to unblock a program. During the current financial crisis, however, PandaLabs discovered Ransom.AB, which was blocks the computer and asks for a mere $12 for a code to unblock it. -- The Most Economical:SecurityEssentials2010 was a virus that served as a fake counterpart to the official Microsoft antivirus product. Classified as adware, this acted like any other fake antivirus and alerted users to infections on their computers. Since the design and warning looked so authentic, many users were duped into buying the fake solution, making it one of the top 10 infections of 2010. A photo of this warning can be seen here: http://www.flickr.com/photos/panda_security/5266058581/

To close the yearbook for 2010, PandaLabs wants to also recognize the Mariposa (Butterfly)botnet as the insect of the year. Thanks to collaboration between Panda Security,the Spanish Civil Guard, FBI and Defense Intelligence, the botnet was dismantled in March and led to the arrest of its creators. Like a true insect, it fed on the nectar of other people's computers and flitting from one to another. In total, more than 1 million financial records were stolen using the Marioposa botnet.

More information is available from the PandaLabs Blog.

About PandaLabs

Since 1990, PandaLabs, Panda Security's malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda's user community to automatically detect, analyze and classify the more than 63,000 new malware strains that appear every day. This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com. Follow Panda on Twitter: http://twitter.com/Panda_Security and Facebook: http://www.facebook.com/PandaUSA.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).