Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Viruses Hit 30-Month High

Posted by CowboyNeal on from the my-worm-infested-inbox-agrees dept.

Mz6 writes "InformationWeek reports that Sophos has analysed and protected against 959 new viruses in May, this is the highest number of new viruses discovered in a single month since December 2001. From Sophos' own TopTen list they continue on to say that the 'Sasser and Netsky worms may have captured the headlines. ...May has seen a noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan ...has done nothing to curb the problem.'"

14 of 252 comments (clear)

  1. Too bad by frankmanowar · · Score: 5, Funny

    That Sophos antivirus has the somewhat incredible problem of not being able to remove and clean viruses on an infected host... but hey, at least we know they're there.

    --

    "Other bands play, but Manowar KILLS"
  2. Of course... by Anonymous Coward · · Score: 5, Funny

    ... the school semester ends in May. What are all those CS graduates supposed to do in between being rejected for an interview and filling in a McDonald's application!

    1. Re:Of course... by Kithraya · · Score: 5, Interesting

      Your comment sort of does make me think about how many of these new threats/problems are being produced simply because some CS graduate is having a hard time finding that $100,000 a year job and is looking to stick it to the society that fooled him into banking his future on IT...?

  3. Security... by case_igl · · Score: 5, Insightful

    This is why security at the operating system layer is so important. How many homes and businesses are broken in to every day worldwide? Tens of thousands, I am sure. Computer crime will escalate in the future, to the point that virus software will probably barely be able to keep up.

    Laws aren't going to stop this kind of thing, we need better solutions for security that automatically adapt and defend the end user or system they are on.

    1. Re:Security... by dealsites · · Score: 5, Informative

      Security at the hardware layer is definately important, but don't under-estimate the power of a cheap NAT router. If if you don't need one, it will still keep out many of the IP port scans and vulnerabilities. I have a linksys with logging enabled, and it's amazing to watch the port scan in real time. I'm sure most of them are from script kiddies, or people that have compromised machines. But it sure does the job. NAT routers can be picked up for next to nothing these days.

      Of course it doesn't help with email viruses or attacks from the LAN side (ie, dumb users), but it helps cut down on the worm and viruses that propagate over the web.

      --
      New deal processing engine online: http://www.dealsites.net/livedeals.html

  4. HAZMAT by chaffed · · Score: 5, Funny

    I'm investing in a hazmat licence with all the infections I see on enduser computers.

    --
    What could possibly go wrong?
  5. Why I Believe It's Rising by seanmcelroy · · Score: 5, Insightful

    Of course the sheer number of computers out there and various OS flaws makes for more virus targets, but as for actual viruses, I attribute this to more people just know how to code. Coding has steadily become something with a large 'entry learning cost', to something many more people could do. Whether intentional or not, the average joe is becoming more exposed to the methodology of writing functional pieces of code through macros, application-specific scripts, etc. And as more jobs are offshored and people in other countries learn and become proficient at it, it's as simple as with a larger base of people knowing how to write code, and a constant ratio of all people with bad intentions, it will just keep increasing.

    Anyway, my two cents.

    --
    Be very, very careful what you put into that head, because you will never, ever get it out. -Thomas Cardinal Wolsey
    1. Re:Why I Believe It's Rising by jellomizer · · Score: 5, Insightful

      Well unfortunately Microsoft made it really easy to make viruses. Back in the old days any virus that would do any real wide damage was made in assembly. Infected .EXE or .COM files and they did their thing then ran the rest of the program normally more or less. This took real skill to make a virus that would alter the code of the program and still run the application itself. Now any smuck can make a virus. Wait for a security release by Microsoft or check some hackers websites until you see a hole that you can exploit. Then make a server side program that copies itself to an other system using the same problem. No tricky coding no knowledge of the underlining architecture is involved. So back in the old days a virus writer was scum but at least he was respected for his intelligence. Now the modern virus writer is scum who is doesn't deserver any respect because what he is doing isn't that hard, an intro programming class could teach him the skills to do that.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  6. Copycats and innovators by leshert · · Score: 5, Insightful

    Based on the last few analyses I've seen, it appears that occurrences of real "new" viruses, meaning ones made from whole cloth that "advance the state of the art", as it were, haven't really been up that much.

    What does seem to be up are "copycat" viruses--viruses that seem to be made from the new viruses. Either people are getting hold of the source to viruses, making a few modifications (to 'set their thumbprint' on them), and releasing them, or else just reverse-engineering the viruses. These "copycat" viruses do appear to be on the upswing. On the other hand, from all reports, the copycats tend to be poorly written and have flaws that either limit their spread or else limit their effectiveness.

    The real innovators, though, are definitely getting better every year.

    Is anyone doing that kind of analysis: rate of increase of "innovative", more dangerous viruses vs. random, garbage mods of existing ones? That would be an interesting glimpse into the state of the virus "industry".

  7. funny numbers by pedantic+bore · · Score: 5, Interesting
    It turns out that of the top 10, six are netsky variants. Makes you wonder whether they're counting the number of new viruses, or the number of variations (or bit patterns). It's hard to believe that there were really 959 new viruses in one month. Actually almost all of these viruses seem to be rehashes of the same old ideas, just a few new bells and whistles. Not that much innovation from what I can see.

    (not that I want there to be -- I'd be happy if all these sociopathic virus writers found something more productive to do, or just f****d off and died.)

    --
    Am I part of the core demographic for Swedish Fish?
  8. Don Sven, cybercriminal by Slashcrunch · · Score: 5, Insightful

    What a joke!

    "...noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan, the German teenager who has owned up to writing Sasser and Netsky has done nothing to curb the problem."

    Oh right, so the arrest of Sven was going to solve the problem...? Maybe he wasn't the cybercrime boss after all..? Idiots.

  9. Yes, but... by gillbates · · Score: 5, Funny

    How many of these affect Linux?

    Oh, right.

    And how is this news? Windows users expect to get hit by viruses; this is nothing new.

    When Linux starts getting hit, then I'll take notice.

    All those people who claim that Linux is ready for the desktop conveniently forget that it still doesn't support anywhere near the number of viruses that Windows does. A single release of Windows contains more virus enablement than all releases of Linux combined. When it comes down to it, Linux won't ever break into the desktop mainstream until Linus improves support for viruses.

    --
    The society for a thought-free internet welcomes you.
  10. How to curb the problem... by SamMichaels · · Score: 5, Insightful

    Say this with me: EDUCATE THE PERSON.

    I can't even estimate the number of people with whom I've dealt that have expired, disabled or even damaged anti-virus programs on their computers. Their justification is "I don't know about spending that $X/yr...I don't need it."

    For those with Windows versions that have the auto update features available, I can't even estimate the number of people with whom I've dealt that have it disabled, inactive or just ignore it. Their justification is "it slows down my AOL and it keeps popping stuff up or tries to restart the PC."

    It's *GREAT* for business and part of me wants to thank the virus writers, spammers and spyware folks...you're providing me with a chance to make some beer money. However, what it boils down to is SOMEONE has to educate the masses...and that someone is all of us; even if we just remind our family and close friends.

    Before your little brother or sister [son or daughter] go back to college this fall, MAKE SURE THEIR PC IS SECURE. The college folk with whom I've dealt have epidemics happening on campus...the networks are so overloaded that it's difficult to even fix the machine without taking it home.

  11. Re:That's all very nice, but Sophos is 'moneyware' by docbrazen · · Score: 5, Informative

    You could try:

    ClamAV, A GPL virus scanner featuring:
    * command-line scanner
    * fast, multi-threaded daemon
    * milter interface for sendmail
    * database updater with support for digital signatures
    * virus scanner C library
    * on-access scanning (Linux and FreeBSD)
    * detection of over 20000 viruses, worms and trojans
    * built-in support for RAR (2.0), Zip, Gzip, Bzip2
    * built-in support for Mbox, Maildir and raw mail files

    I use ClamAV on my mail server and it works pretty good.

    There is also an open source windows version called ClamWin Antivirus.