Current Computer Virus and Worm Information
It's easy to think that because the news headlines don't contain news of the latest
worm or virus, the problem has gone away. It hasn't. It's just become commonplace,
like traffic accidents.
To demonstrate this, here is a set of RSS feeds from various security vendors
describing current worms or viruses. The price of security is, like the price of liberty,
eternal vigilance.
Current Virus/Worm Reports
- Top Ten Viruses/Worms Last Month (from Sophos)
- Sophos New/Current Virus/Worm Alerts
- Virus headlines from The Register
- Speculation mounts over AVG plans for OS X client ('Mac users have no antibodies')
  AVG bosses aren't saying much, but there's new evidence the anti-virus maker is seriously considering building an application for the Mac.
- Torrentreactor breach serves potent exploit cocktail (iframe redirection redux)
  Torrentreactor has long been regarded as one of the top bit torrent search engines, and with the demise of The Pirate Bay (http://www.theregister.co.uk/2009/06/30/pirate_bay_next_stop/), it's likely bigger than ever. Now, it's been breached and is serving a potent cocktail of exploits to people browsing the site, Websense Security Labs says.
- Conficker left Manchester unable to issue traffic tickets (Infection cost £1.5m in total)
  Manchester City Council was prevented from issuing hundreds of motoring penalty notices in time after the infamous Conficker worm knocked out parts of its IT systems.
- FTC settles with scareware scammers on reduced terms (10 cents per victim? We've spent the rest)
  US consumer watchdogs at the Federal Trade Commission have agreed to settle a lawsuit against rogue security software distributors on reduced terms.
- Microsoft cuts off Security Essentials downloads (Less than a day later)
  Redmond has cut off access to its Microsoft Security Essentials beta, less than a day after offering the free security app to John Q. Public on a first-come, first-served basis.
- MS no-frills security scanner gets thumbs up in early tests (Security Essentials does what it says on the tin)
  Microsoft's limited but free-of-extra-charge anti-malware scanner has performed creditably in early tests.
- Microsoft begins Security Essentials downloads (To Morro comes today)
  Microsoft has begun offering limited trial downloads of its no-added-cost anti-malware tool, targeted at consumer desktops.
- MS names ship date for free security suite (Free as in lunch)
  Microsoft is launching its free security suite next week - the 23rd of June to be precise.
- Firefox update squashes 9 security bugs, 4 critical (Get yours today)
  Mozilla has released a new version of its Firefox browser that plugs nine security holes, four of which are rated "critical," the foundation's highest vulnerability level.
- Apple fans targeted by smut-punting malware (Uh, it's a booby trap)
  VXers are targeting Mac fans via a pair of new malware-themed attacks, one of which is on offer through what purports to be a portal for adult videos.
- Symantec, McAfee cough up $750,000 on auto-renewals ('Hide the ball' suspended)
  Symantec and McAfee have agreed to pay $375,000 apiece to settle charges they charged fees against customer credit cards without authorization.
- Microsoft patches record number of security bugs (Adobe crashes monster patch batch)
  Microsoft on Tuesday patched a record number of security vulnerabilities, plugging 31 holes in its Windows operating systems, Internet Explorer browser, and other products.
- McAfee downplays service pack fail (Virus update leaves PCs unbootable)
  A recent McAfee service pack led to systems being rendered unbootable, according to posts on the security giant's support forums.
- Apple security is 'struggling,' researcher says (Laments lack of 'formal security program')
  A well-known security consultant says Apple is struggling to effectively protect its users against malware and other online threats and suggests executives improve by adopting a secure development lifecycle to design its growing roster of products.
- Adobe's quarterly patch cycle to commence Tuesday ('Critical' fix for some, but not all)
  Adobe Software's new quarterly patch cycle will commence on Tuesday with an update that patches a severe vulnerability in some versions of its Reader and Acrobat products.
- Critical Windows vulnerability under attack, Microsoft warns (Drive-by web exploits possible)
  Microsoft has warned of a critical security bug in older versions of its Windows operating system that is already being exploited in the wild to remotely execute malware on vulnerable machines.
- RIM warns over PDF peril (BlackBerry squash potential)
  Research In Motion (RIM) has warned of a vulnerability in how BlackBerry servers handle malformed PDF files that potentially leaves the door open to hacking attacks.
- Microsoft fortifies Windows 7 kernel with overrun buster (Safe unlinking coming to a PC near you)
  Microsoft engineers have fortified the latest version of Windows with a feature designed to make it significantly harder for attackers to exploit bugs that may be lurking deep inside the operating system.
- Dodgy McAfee update slaps viral warning on Spotify (Was someone listening to Phil Collins again?)
  Security software from McAfee wrongly identified the Spotify application as a virus, following a misfiring update published on Thursday.
- FBI and US Marshals laid low by mystery virus (Tommy Lee Jones' paperwork delayed)
  A mystery viral infection forced the FBI and US Marshals Service to pull the plug on parts of their respective computer networks on Thursday, AP reports (http://tech.yahoo.com/news/ap/20090521/ap_on_hi_te/us_feds_computer_virus).
- Conficker: Hold the funeral, it's not dead yet (50,000 new Windows systems hit every day)
  Media coverage of the Conficker superworm has died down over recent weeks but variants of the worm are still infecting 50,000 new PCs a day.
- BitDefender launches 'suck it and see' free anti-virus scanner (Cut-down software in consumer marketing push)
  Romanian anti-virus firm BitDefender has begun offering a free version of its anti-virus scanner software to consumers.
- Gumblar Google-poisoning attack morphs (Drive-by download juggernaut relocates and picks up speed)
  A Web attack that poisons Google search results is getting worse, according to security researchers.
- Ex-OLPC security man rocks up at Apple (Cupertino knits Krstic into security blanket)
  One Laptop Per Child's former top security architect started a new job at Apple earlier this week.
- Symantec hit by massive goodwill impairment (Okay-ish financial numbers otherwise)
  Symantec announced moderately satisfying but recession-hit numbers for the full fiscal 2009 year, with the final quarter showing a revenue drop. A massive goodwill impairment charge of $7.4bn blew an enormous, non-cash hole into net income numbers for the full year and its final quarter.
- Lame Mac 'email worm' limps into view (Riddled with bugs and rather sad)
  Virus writers have created a worm that seeks to establish a botnet of compromised Mac machines. But the Tored Mac worm (http://www.sophos.com/security/analyses/viruses-and-spyware/osxtoreda.html), which attempts to spread via email, is so hopelessly buggy and lame that it's about as likely to score as Steve Ballmer at an Apple convention.
- Security researchers fret over Adobe PDF flaw (Double danger)
  Adobe has warned that its Reader and Acrobat PDF software is vulnerable to an unpatched vulnerability.
- Adobe users imperiled by critical Reader flaw (Move over, Microsoft)
  Updated: Once again, Adobe is scouring its Reader application for bugs following reports that it's susceptible to two vulnerabilities that could allow attackers to remotely execute malicious code on end-users' machines.
- Conficker botnet wake up call only pinged zombie minority (Resident evil)
  The effective size of the Conficker botnet might be far smaller than previously thought.
- Twitter worm author gets security job (Teen causes chaos, employed, hacked)
  The self-confessed author of the recent Twitter worm has scored a potentially lucrative job doing security analysis and web development work.
- Fake SMS snoop utility turns spies into zombies (Bite back)
  A new variant of the infamous Waledac botnet client doing the rounds poses as a utility that allows would-be snoops to view other people's SMS messages online.
- Researchers dissect world's first Mac botnet (When zombie Macs attack)
  Fresh research has shed new light on the world's first Mac OS X botnet (http://www.theregister.co.uk/2009/01/22/mac_trojan_attack/), which causes infected machines to mount denial of service attacks.
- Fourth anti-virus firm buys into behavioural blocking (Veni, Vedi, Avinti)
  Web and email security firm Marshal8e6 has bought behaviour-based malware detection specialist Avinti. The terms of the deal, announced Tuesday, were undisclosed.
- One in ten PCs still vulnerable to Conficker exploit (Scared yet? Eh? Eh?)
  Many systems are still unprotected against the Conficker superworm, weeks after the malware began spreading across the internet creating a huge botnet of compromised machines thought to number in the millions.
- Conficker botnet stirs to distribute update payload (It's alive!)
  The Conficker superworm is stirring, with the spread of a new variant that spreads across P2P and drops a payload. It is thought to update machines infected by earlier strains of the worm.
- Old worm learns new Conficker tricks (Collaborators or copycats?)
  Proving imitation is the sincerest form of flattery, even in the world of malware creation, VXers have adapted a four-year old worm to exploit the vulnerability used by the Conficker superworm.
- Conficker zombie botnet drops to 3.5 million (Map of the Problematique)
  The "activation" of Windows machines infected with the latest variant of the Conficker worm has allowed security watchers to come up with a far more accurate estimate of how many machines are infected.
- Conficker suspect brought to book in Beavertown? (Evidence of Russian sense of humour found!)
  While the rest of the world bit its nails in terror that the Conficker worm would somehow rise up and swamp the internet on 1 April, Russian wags seized on the opportunity to craft a subtle April Fool joke.
- Sign up, sign up for The Register IT security newsletter (Narrowcasting for the email classes)
  Today, The Register launches a weekly IT security email newsletter. This contains the headlines and links of all the security articles we produce - up to 30 a week. Sign up here (http://account.theregister.co.uk/register/?product=security_news).
- Conficker botnet remains dormant - for now (All quiet on the malware front)
  Conficker changed the way parts of the botnet communicated overnight, but little else of note has happened so far.
- Scareware scammers latch onto Conficker hype (Sysadmins served poisoned searches)
  Scammers are taking advantage of the huge interest in the impending "activation" of the Conficker superworm by poisoning search engine results.
- Busted! Conficker's tell-tale heart uncovered (Researchers find super worm cure, just in time)
  Security experts have made a breakthrough in their five-month battle against the Conficker worm, with the discovery that the malware leaves a fingerprint on infected machines that is easy to detect using a variety of off-the-shelf network scanners.
- Interweb Chuck Norris infiltrates Netflix, Tivo (CSRF has two speeds: Hack and Kill)
  Researcher Lance James has been busy devising ways to play tricks on some of the world's bigger websites using an exotic attack known as CSRF, or cross site request forgery. While his exploits amount to little more than pranks, they point to the very sobering realization that the net isn't a very secure place.
- Leaked memo says Conficker pwns Parliament (House of Commons systems borked)
  Updated: The House of Commons IT systems have reportedly been infected by the infamous Conficker superworm, which has previously infected millions of Windows PCs and affected the operation of hospitals, military and large corporate systems.
- Melissa anniversary marks birth of email-aware malware (Supermodel of computer virus world turns 10, still spreading)
  Thursday (26 March) marks the 10th anniversary of the notorious Melissa virus, the first successful email-aware virus.
- Final countdown to Conficker 'activation' begins (T-minus six)
  Security watchers are counting down to a change in how the infamous Conficker (Downadup) worm updates malicious code, due to kick in on Wednesday 1 April.
- Newfangled rootkits survive hard disk wiping (BIOS attack targets PC nether region)
  Researchers have demonstrated how to create rootkits that survive hard-disk reformatting by injecting malware into the low-level system instructions of a target computer.
- Romanian police arrest Pentagon hack suspect ('Wolfenstein' cuffed)
  Romanian police have arrested a hacker suspected of breaking into Pentagon systems and planting malware.
- A grim day for browser security at hacker contest (Safari, IE and Firefox all down for the count)
  CanSecWest: Internet browser security took a beating during Day 1 of an annual hacking competition, with Apple's Safari, Microsoft's Internet Explorer and Mozilla's Firefox all being felled in a matter of hours.
- Worm burrows into Church of England email system (Infected bishop loses e-pistles)
  The Bishop of Manchester has been unable to send or receive email messages for ten days following a computer virus infection.
- Sophos Virus Hoax List (Not all virus warnings are genuine!)
Note that it isn't quite as bad (or as good) as it looks:
- different anti-virus software vendors may have different names for the same virus,
- variants of older viruses still pose a major threat to machines not running
anti-virus software,
- the threat rating given to a virus may change over time as it propagates more
widely or its effects are more fully understood.