Computer Viruses Broke 100,000 In 2004
Sammy at Palm Addict writes "The count of known computer viruses broke the 100,000 barrier in 2004 and the number of new viruses grew by more than 50% according to news from the BBC. The BBC also reports that 'phishing attempts, in which conmen try to trick people into handing over confidential data, are recording growth rates of more than 30% with attacks becoming increasingly sophisticated.'"
They broke 100,000 in 2003 as well.
They can have my confidential data when they pry it from my dead frozen Windows OS... oh wait!
That is not a small number... that is a very large number!!! Ack poor compy.
If they start beheading virus writers it would solve the problem
Oh the humanity! I have to run my virus scanner 24/7 now. When will the.. [POST ABORTED: VIRUS DETECTED].
Now how many non Windows viruses were there? You could probably count them on one hand. Let's give credit (or blame) where it is due.
I'm running Windows XP. Bill Gates says I'm safe from viruses.
Does this mean Microsoft will take back that quote about how it's the user's fault or the one that security isn't that important?
In the next few years we will see the emergence of an even more extreme battle of "Freedom of the Internet" vs. "Risk of Use" as people try to lock down the internet to prevent damage done when morons open up that "I Love You" E-mail.
Just a boy doing unprofessional IT work that's way above his head.
Phishing scams are becoming more prevalent on the internet and world wide web. Unfortunately, they are now starting to show up on 'Blogs as well.
Due to the dedication of security we in the OSS community have, we are updating our servers and account information.
Please click the following link and verify your account information, password, and private PGP key.
In order to Verify your identity, please have your Visa or Mastercard account number ready
That would most likely be either the 5408th, 37322nd, 56446th or the 74353rd.
The most common sentence I heard from relatives this holiday was,
"Can you please fix my computer".
"I accidentally clicked something and my computer is slow".
Should we really consider the dozens of variants of Bagle, Netsky, etc. separate viruses? Just because the anti-virus vendors choose to implement recognition of these variants by separate signatures, are they really different viruses?
I think it would be more interesting to know how many new virus/worm/trojan families were released year-to-year.
Don't underestimate the power of The Source
Are they all unique? Or are many of them variants on an original? Seems to me we should only be counting big version numbers and not the updates.
That would be an interesting figure, and I guess it'd be pretty high. The amount of mail traffic due to zombie machines spamming is amazing.
Does the article mention how many of those >100,000 affected the Mac OS platform?
The Top 10 List reads like the leader board at a chess competition.
1) Netsky-P
2) Zafi-B
3) Sasser
4) Netsky-B
5) Netsky-D
6) Netsky-Z
7) MyDoom-A
8) Sober-I
9) Netsky-C
10) Bagle-AA
---- You are fully entitled to my opinion.
I feel so cheated. My office Symantec Corporate Edition listed only 68585 viruses. Where are my other 31415 virus definitions? :)
Shouldn't these be called 'Windows viruses'? It's not clear what their count entails, but the viruses listed seem to all be Windows-centric.
And no, this is not a troll--I use Windows, too. But this language reinforces the idea that the problem is with any and all computers, which hinders adoption of alternatives. (C.f. the growth in non-IE browsers once the problems with IE were understood by more people.)
One man's -1 Flamebait is another man's +5 Funny.
I couldn't find the percentage of these viruses that were affecting Windows. I'd like to see a list of the top 10 Windows viruses and the top 10 Linux viruses (viri?). It should also include the dollar impact estimates of each. I realize Linux has a smaller market share, but I think even if you adjust for this, the impact on Linux would be extremely small compared to Winders. Somebody do this in the next 30 minutes, please and thank you.
If computer viruses were detrimental to our health, we'd all be dead. Although, if computer viruses were actually deadly, think of how much smaller this number would be..
Beat the computer, program your life.
Just because you have an ultra-secure computer doesn't mean you should be complacent about theft of confidential data.
One of my buddies got his credit identity stolen a few months ago, he figures, by someone at a store who processed his credit application when he bought a home theatre system (Zero interest! Don't pay til way later!).
By the time collection agencies were knocking at his door, that store had closed.
Most listed, especially in the top 10, are just trivial variations of a previous virus/worm.
So it's kind of like MAME supporting umpteen billion different rom sets, when most of them are clones or revisions of an original game.
You could probably release 100,000 variants of NetSky if you wanted to, just by embedding random payloads.
I don't need no instructions to know how to rock!!!!
It's only once in a few blue moons I'm hearing about virii for other OS's than Windows; so anyone can hook me up with some figures?
The first thing I thought when I saw the headline was 'broke 100,000 what?'. The headline should have been better, like 'crossed the 100,000 barrier' or just 'crossed 100,000'.
You know, I'm beginning to think these computer things aren't all that secure.
(p.s. I put a router between my computer and my cable modem, and I don't click on executable links unless they're from a trusted source and confirmed as having been sent deliberately; I have never--not ever--had a virus or a break-in on this subnet.)
If the score for your post was indicative of the humor factor, then it is incredibly low. I either laughed way too long, or not enough.
-AC
The problem with this topic is that Microsoft is always blamed for making an inherently insecure operating system. They are also to blame because of "too little, too late", aka. activating the firewall by default only in SP2.
But quite frankly the ISPs and of course the individual users are to blame as well.
Why don't broadband ISPs require broadband firewalls? Only recently have some of them started to incorporate firewalled modems, and even then they're only sent to new customers. Would this mean that existing customers would have to spend money for a new router at the ISP's demand? You bet. But given the choice between disconnection or buying a $50 router, I'm sure that the vast majority would find a way to get that $50.
Additionally, most virii are sent over SMTP ports since they contain their own SMTP servers. I would not be against shutting down direct-from-client SMTP as long as those who run their own mail servers have the option of having their specific connection opened for SMTP traffic.
Finally, the users absolutely MUST be educated. There are enough free tools out there that no one should be unprotected. But again who should be responsible for teaching these end users?
At this point I would actually welcome something like a drivers license for broadband access. You don't gain the ability to use a broadband connection unless you prove to the ISP that you know the rules and that you are informed of how to be a responsible Netizen, including the use of firewalls, virus scanners, and alternate products like Mozilla, Eudora, Firefox, and others. If you break the "law" afterwards, your broadband privileges are revoked until you come into compliance.
If people were made aware that any virus or worm outbreak caused by them would mean the complete loss of their Internet connectivity, I think we'd see the number of virus infections drop dramatically.
But have an ISP do the responsible thing at the risk of pissing off customers? No, they'd rather spend billions of dollars a year on mail storage, spam-fighting hardware and software, increasing bandwidth usage, and always-rising amounts of mail to abuse@isp.net...and of course pass those charges onto us.
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
I've gotten so cozy in my nearly MS-free world since I managed to offload the last W2K machine that I forget about the risks, and how that antiviral cruft soaked up CPU and RAM.
Until, that is, I open an MS Office document with macros, then the whole sense of dread and ire comes back; and I'm always surprised and annoyed when the latest worm brings local networks staggering to their knees.
Damn those pesky terrorists
100, 100.000 or more... viruses are quite easy to contain because they are unquestionably nuked as such. What I don't like is all the other semi-legitimate software (hello adware, hello malware, hello spyware) which can fuck up your computer almost as bad or worse, except they come with an EULA.
I think all software should come with a self-signed key. By default it should allow upgrades by the same key (version 1.0->version 1.1), but not let other programs update each other (e.g. explorer hooks, IE hooks, grab default applications, overwrite system libraries etc.)
I'm talking about all optional here, not DRM. I would love to have it such that I could install apache on my linux box, and not have it overwritten by anyone but apache (without my explicit permission) as well. Right now, once you have root, it is enough. But proper rights should be "need-to-have". Give a program permission to install itself, but don't fuck the rest of the system? Today, that can't be done.
Kjella
Live today, because you never know what tomorrow brings
100000 virus == two's complement overflow for the 32bit OS on which they thrive. The number of computer virii is as misleading as the medical alternative considering the human toll that is exacted.
What continues to blow my mind are the numbers of users who do not have anti-virus software installed or kept up to date on their systems. I really wish that Microsoft would include some basic type of anti-virus / anti-spyware utility with the operating system.
Yes, there would probably be a huge outcry about antitrust violations, but I believe the bottom line is that Microsoft has a duty to ship an operating system that is as reasonably secure as possible without including so many features as to push other vendors out of the market. I think the firewall in Windows XP SP2 is a good example of a compromise. The firewall includes enough basic features so that users aren't completely hanging out there in the wind, yet does not provide such a robust feature set so as to push third party firewall vendors out of the market. The disk defragmentation utility is another good example of a compromise. It has enough basic features to be useable, but not enough so as to push third party vendors out of the market.
Microsoft could do it if they wanted to, even if there was an outcry from vendors. Look at what they did with I.E. when they decided they wanted a piece of the browser market. For a more modern, post anti-trust trial example, look at what they are doing now with Windows Media Player. Yeah, the EU is calling them on it, but I think a real case could be made that a basic anti-virus / anti-spyware utility is as important a part of basic system security as a firewall.
Of course, if Microsoft just fixed I.E. and Outlook / Outlook Express, viruses and spyware wouldn't be as much of an issue, but we all know about how likely that is to happen.
My school email account caught an eBay phish the other day. The fact that the headers showed it coming from South Korea kind of gave it away.
Scary thing is, it seemed to make use of the nasty just-about-any-browser spoofing vulnerability that was found not too long ago.
Karma: Negative (Mostly affected by dorm trolling)
Viruses still exist because programmers still use obscure C functions full of holes and obscure processors full of executable stacks.
Please programmers, read the electronic paper "Smashing The Stack For Fun And Profit" (->Google).
zzz
If you were paying attention, you'd have noted that not only is MSFT developing its own AV tool but they also plan their own spyware scanner/remover.
Windows 3.0 had MSAV, are any /.ers old enough to remember that? They abandoned it, deciding it was too much work to maintain something that, at the time, wasn't viewed as a necessary component. And it wasn't needed, in a simpler, kinder, pre-internet world.
I don't need no instructions to know how to rock!!!!
How many of those are actually found in the wild? 100,000 is a big number, but ultimately meaningless when you want to assess the risk posed by viri etc. Throwing around big numbers like that is more the realm of marketing than that of engineering. :)
quidquid latine dictum sit altum videtur.
The number sounds like FUD, once we get past the variants how many truly original viruses are there? I would imagine that very few original viruses have ever been created, the overwhelming majority are nothing more than variations on someone else's work.
I think the vast majority were malware and spyware. What is the difference between malware and a virus? Nothing really, it's just a trojan virus. So I feel this is understandable.
But, I am fuck1ng sick of the AOL commercials that talk about you losing all of your data and photos due to a virus. I posted about this before, I feel this is just wrong, to my knowledge there hasn't been a widespread virus in years that formatted your HD.
from TFA:
On the positive side, Finnish security firm F-Secure said that 2004 was the best-ever year for the capture, arrest and sentencing of virus writers and criminally-minded hackers.
In total, eight virus writers were arrested and some members of the so-called 29A virus writing group were sentenced.
Eight? EIGHT??
(deep sigh)
Mit der Dummheit kämpfen Götter selbst vergebens.
How can you defend yourself? Go to CNET and download the most popular anti-spyware product produced by a commercial company. Also, buy a commercial anti-virus product: e.g. McAfee. Never respond to e-mail that requests personal information; reputable companies never ask for personal details by e-mail.
Is there really a need for viruses to get data?
... survey...
"Sure sir, two AA batteries, now if I could just get your phone number, home address and date of birth for a survey we're conducting!"
Clever wording for DATA MINING...
Tom
Someday, I'll have a real sig.
Please click the following link ^H^H^H^H^H^H^H^H^H^H slashdot.org] and verify your account information, password, and private PGP key.
-- i am jack's amusing sig file
A high number of viruses/malware should be a signal that antivirus software won't be a good solution forever.
IMO, instead of brute signature detection, various sandboxes should be used: e.g. one should be able to run any app in a virtual environment, any file the application deletes or changes is only marked as such in the sandbox config, network access should be blocked using a custom setup, etc.
Thus if I'm happy with the application and start trusting it (by checking what it has tried to do), I merge the changes and release it from the sandbox; if not, I remove it and the diffs of any changes it tried to make.
The app itself sees the merged state at all times; the possibilities are endless, like groups of sandboxes etc.
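The sandbox workflow proposed in the comment above (run the app against a copy-on-write view, review what it tried to change, then merge or discard), sketched as an added example that is not part of the original thread. The `OverlaySandbox` class, the file names and the constructed "untrusted app" actions are hypothetical, and the sketch models file changes only, not process or network isolation.

```python
import os
import shutil
import tempfile


class OverlaySandbox:
    """Copy-on-write view of base_dir (hypothetical class, file changes only)."""
    def __init__(self, base_dir):
        self.base = base_dir
        self.upper = tempfile.mkdtemp(prefix="sandbox-upper-")  # private layer
        self.deleted = set()  # "whiteouts": base files hidden from the app

    @staticmethod
    def _norm(rel):
        # Reject absolute paths and "../" escapes before touching either layer.
        rel = os.path.normpath(rel)
        if os.path.isabs(rel) or rel == ".." or rel.startswith(".." + os.sep):
            raise PermissionError(f"path escapes sandbox: {rel}")
        return rel

    def read(self, rel):  # merged view: private layer, then base, minus whiteouts
        rel = self._norm(rel)
        if rel not in self.deleted:
            for root in (self.upper, self.base):
                path = os.path.join(root, rel)
                if os.path.isfile(path):
                    with open(path, "rb") as fh:
                        return fh.read()
        raise FileNotFoundError(rel)

    def write(self, rel, data):
        rel = self._norm(rel)
        path = os.path.join(self.upper, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:  # base_dir is never opened for writing
            fh.write(data)
        self.deleted.discard(rel)

    def delete(self, rel):
        rel = self._norm(rel)
        self.read(rel)  # raises FileNotFoundError if the app cannot see it
        upper_copy = os.path.join(self.upper, rel)
        if os.path.isfile(upper_copy):
            os.remove(upper_copy)
        self.deleted.add(rel)  # only marked as deleted; base copy stays

    def diff(self):  # what the app tried to do, for review before trusting it
        changes = {}
        for dirpath, _, files in os.walk(self.upper):
            for name in files:
                rel = os.path.relpath(os.path.join(dirpath, name), self.upper)
                in_base = os.path.isfile(os.path.join(self.base, rel))
                changes[rel] = "modified" if in_base else "added"
        for rel in self.deleted:
            if os.path.isfile(os.path.join(self.base, rel)):
                changes[rel] = "deleted"
        return changes

    def merge(self):  # trust the app: apply its changes to base_dir, then reset
        for rel, kind in self.diff().items():
            target = os.path.join(self.base, rel)
            if kind == "deleted":
                os.remove(target)
            else:
                os.makedirs(os.path.dirname(target), exist_ok=True)
                shutil.copyfile(os.path.join(self.upper, rel), target)
        self.discard()

    def discard(self):  # reject the app: drop the private layer and whiteouts
        shutil.rmtree(self.upper, ignore_errors=True)
        os.makedirs(self.upper, exist_ok=True)
        self.deleted.clear()


def demo():
    # Constructed sample "system" and constructed actions of an untrusted app.
    base = tempfile.mkdtemp(prefix="sandbox-base-")
    for name, data in (("hosts", b"127.0.0.1 localhost\n"), ("notes.txt", b"hi\n")):
        with open(os.path.join(base, name), "wb") as fh:
            fh.write(data)
    sb = OverlaySandbox(base)
    sb.write("hosts", b"127.0.0.1 localhost\n203.0.113.9 bank.example\n")
    sb.write(os.path.join("startup", "helper.cfg"), b"run=1\n")
    sb.delete("notes.txt")
    review = sb.diff()
    base_intact = sorted(os.listdir(base)) == ["hosts", "notes.txt"]
    sb.discard()  # the reviewer rejects the hosts-file change
    return review, base_intact, sb.diff()
```

The review step is the point: the hosts-file edit and the new startup entry show up in `diff()` while the real directory is still unchanged, so rejecting the app costs nothing.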
These things are looking more and more realistic/genuine all of the time. The last I got I opened up the email just to take a look, and the reply to address was "cgi.ebay.com/cgi-bin/"whatever else... it looked so nearly authentic it was scary. Everyone sees the cgi-bin at the ebay page, so having the name cgi.ebay.com was just... yah... I see why people fall for these, they are just uninformed, thinking someone actually was trying to steal their eBay account and such. What needs to be done is when you sign up for stuff, you are required to read aloud to a microphone some statement about how the company will never send you emails to verify account information, social security numbers, and so on. It's the only way to guarantee they read it, but perhaps they still wouldn't understand it. It's just scary. What we need is to make a global law about these things as well... if you are found doing this sort of act, you and your whole immediate family is executed in front of a live TV audience. I bet it'd get higher ratings than Survivor!
It has been proven time and time again that the problem is "Between the Keyboard and the Chair"
So I suggest that the ppl who extract/spread the viruses and have no idea how they got them, Pack up the PC and ship it back to the store cause they are too [)^/\/\-/\/ stupid to use em
Do you have a credit card from a company that likes to send you handy "checks" that can be written against your account?
All it takes is one punk to grab your mail and you have a problem.
Your mail can even be delivered to the wrong house and you can be compromised.
The fact is, we are not currently set up to deal with identity theft. We have a bunch of half measures that are easily circumvented by anyone who thinks about it.
Smashing the Stack for Fun and Profit
The original link is here. This was originally published in Phrack #49 on 08 November 1996. It is still a relevant and useful article.
I want to drag this out as long as possible. Bring me my protractor.
Why do we refer to things that are not barriers as barriers? This talk goes on all the time on the site, and honestly, we can all do better than that. Let me explain:
A barrier is some thing, physical, abstract, whatever. Some property of the barrier or something associated with the barrier in some way prevents something from happening, or some condition from being reached.
The speed of light, for example, so far as we know it, is a barrier -- according to current understandings of the world, stuff cannot (normally, at least) travel faster than light. Ergo, c is a barrier.
The speed of sound is also a barrier. Typical aircraft encounter tremendous stresses as they approach the speed of sound. For a long time, we couldn't go faster than sound. But now, there is an understanding of how to design a body to break through that barrier. It still exists as a barrier, though: try and crank a 747 up to Mach 1 and watch what happens.
OK, so you see? A barrier has some property that prevents something else.
There is no barrier out there that prevents the creation of the 100,000th computer virus. There is nothing actively precluding another virus from being created.
At least not as long as IE is in the wild.
...the number of Mac OS X viruses remains at 0, frustrating antivirus software vendors worldwide.
And by the way, that's not just due to marketshare. If the rumored $499 Mac mentioned in a story earlier this morning is real, that will do quite a bit towards proving that OS X security is not due to obscurity.
In my opinion virus (plural) nearly died out. What they now refer to as virus is mostly a worm; I haven't seen many digital parasites that integrate themselves into binaries for several years now, and those things that open servers and copy themselves from system to system are worms, they don't infect other binaries (cells), they just sit in the system (organism).
Life is just nature's way of keeping meat fresh.
And no, I'm not posting from my home network smartypants
Virus = Very Yes
Here's the true test of the Slashdotter: does he or she have a brain -- or not? If Gator gets Slashdotted from that post, we're all doomed.
--- Dan
Viruses have to propagate to be a problem. Kill the propagation means and the virus is nothing more than a programming oddity.
Why don't the ISPs do the even easier thing and just firewall whole sections of their network? That way they have a single investment instead of a bunch of $50 "modems". Since all the traffic is traveling over their network anyway
But, again, the easiest thing would be for their ISPs to set up a website to do basic virus checking and to remind the customer of that in every bill they get. They could also put a button on their web-based email services to make it ultra-easy.
That could work with a little bit of re-working. The ISP should be able to monitor the traffic on their network. If they see virus-like activity, they should be investigating it and cutting off that service.
Before anyone says that such would not be financially possible, I do a similar thing with spam where I work. Initially, there was a lot of work to do. But as I fixed each problem, there were fewer new problems.
Rather, they'd prefer not to do anything so they don't have to deal with the problems. If spam and viruses are a big problem, they affect all ISPs equally. So there isn't any competitive advantage for one ISP to deal with the problem.
Unless you're working with a small, local ISP. Then you can get better support and service.
Saying that Phishing is up is an interesting statistic, because I'm sure a ton of it goes undetected. Maybe companies are just getting better at identifying it.
Peep that
1) Integrate browser into OS so browser vulnerabilities are OS vulnerabilities
2) Halt development of browser for all platforms except Longhorn, and make some browser security patches available only to XP SP2 users
3) Make antivirus and anti-spyware software, and charge for it
4) Profit!
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
I think Gator just got slashdotted from that post...
YES! Connection refused! HAH!
How many people can read hex if only you and dead people can read hex?
Yea... because hard drives never fail outright or suffer physical damage that prevents normal access to the data on them..... in fact, when that happens, it's because your neighbor's computer running Windows picked the lock on your front door, went into your den, and damaged the drive on your 1337 Lunax machine, right?
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
I believe this is referred to as a PEBCAD error "Problem Exists Between Chair And Desk"
Why not require they run Linux instead?
Knowing most ISP's, they'd implement a "broadband drivers license" in such a manner that it refused a connection to anyone who wasn't running the latest version of Windows, with all the system-slowing anti-virus, anti-spyware, anti-adware, firewalling software that is required of Windows users. Oh, and you can add DRM to that as requirement as well.
The society for a thought-free internet welcomes you.
Someone wrote viruses to break 100,000? What will this mean for the number line? Those bastards.
The reason why most computers are so vulnerable is because of widespread similarity. Evolution does not favor the species that has no variation. Rather the more variation a species has the less likely it will be affected by viruses and other environmental effects. Seems like the more OS's and dissimilarities in people's systems the less often we would be dealing with widespread virus outbreaks.
Didn't OS 7 and 8 run on both architectures? I remember using 7 on a PPC machine and seeing screenshots of OS 8 running in Basilisk II, the Mac M68k emulator.
It would be cool if it didn't suck.
But the ISP doesn't have to take the "lock down everything unless specifically requested to be open" approach.
They can monitor what ports are used by what customers and what ports are used by what viruses.
Example, the IRC controlled bots. If they see IRC activity on a line, they can send the customer a note notifying the customer. Then, if they see DDoS activity or a sudden flood of outbound email, they can check into the situation and possibly cut off that connection until the customer has fixed the problem.
Yep. But that's only because thousands and thousands of people actually DIE because of cars each year.
On the Internet, the risk of death is far, Far, FAR, FAR less likely. So the same standards will not be applied.
Seeing that most of them were viruses that affected windows machines, if we eliminated all of those we would have a substantially smaller number. When opportunity arises, people will take advantage of it. Well windows was taken advantage of unfortunately.
Isn't shipping an anti-virus product just treating the system? Wouldn't it be a better idea to simply make the system resilient against viruses?
(Though MS did buy an AV company a couple of months back. Perhaps in Short^wLonghorn?)
What continues to blow my mind are the numbers of users who do not have anti-virus software installed or kept up to date on their systems.
I've never had any antivirus software installed. Never. At home I've run Windows 2003, XP, 2000, NT, ME, 98, 95 and 3.1.
I've also never had a virus. Ever. Safe browsing habits, proper choice of application software and a hardware firewall are enough. Anti-virus is mainly for those who are not knowledgeable enough to perform the above. While this is a large number of people, my own existence should not blow your mind.
Yeah, by sophisticated they mean it's one where they put @citibank.com in the reply-to address of the email so you know it's legit!
Also known as an ID 10-T or "IDIOT"
... because I remotely enabled your XP firewall. Er, wait...
Are these COMPUTER viruses or (more likely) MICROSOFT WINDOWS viruses.
There's one hell of a difference and I'm betting it's the latter. Why ? Because Microsoft Windows is designed without regard to security. Hence the number of viruses/exploits for the platform.
Sky subscribers are morons. They pay to be advertised at !
How about they focus on making a more secure OS and leave the virus hunting to those who specialize in it.
In other words, MS needs to focus on fixing the OS and the rest will fix itself.
Hardly... the attacks are becoming more aesthetic, people are just using logos and trademarks for a false sense of security. I think it's more that the average computer user is becoming less sophisticated, at least in a computer sense. It's all relative.
Wasn't it a copyright infringement lawsuit that forced MS to abandon MSAV?
mbbac
What, you say? No viruses for Linux? If a rootkit doesn't count as "spyware", I don't know what does...
Do you have any exposed ports to the internet leading back to your UNIX box? Do you run old versions of php and apache?
Do the following:
Download ROOTKIT HUNTER now.
run 'rkhunter --update'
run 'rkhunter -c' and scan your system
when rootkit is found, reinstall OS, and restore critical data from backups
That doesn't mean you still can't spread viruses for other operating systems.
I run Virex/OSX and occasionally (though rarely) find something on my HD that's carrying a Windows payload.
The possibility of one of those files somehow winding up on Winboxen in my multi-platform network does exist, and if so, it could be as deadly a situation as if the Windows PC originated the file to begin with.
Despite the brouhahas from MS marketing about "Trusted Security" initiatives, the viruses are proliferating out of control and in many cases slipping beyond the reach of many anti-virus detectors found today.
I find it incredulous that insufficient efforts were made to for the Microsoft Dutch Boy's skinny fingers flailing in vain to stopping this rising tide against the proverbial leaking dike of viruses.
Hello? Microsoft? What do you say to that?
Hrmfff - MS has a total strangle-hold on the computer Virus and Worm market. Somebody should file another anti-trust suit and force MS to release its Virus API so that Linux and other OSs can also benefit from it.
29A = 666 decimal? I guess that is a sad pun...
What is really funny with Windows is that the "new" feature from Windows XP and 2003 is automatic registry recovery... So your antivirus can just wipe out the virus with all its keys, and it will luckily just reinstall itself on next reboot, so you've lost no data.. Really a useful feature.
I gave up with the idea of an useful sig...
Take out all the substrains created by script kiddies who took the original code and edited it a bit to make their own strains and knockoffs, and we're left with what, twenty thousand strains?
Gaobot alone has what, ten thousand variants? Symantec's up to something like Worm.Gaobot.BGC to describe the strains now, which is 26^3 or something like that.
The real problem is the whiny little bratty script kiddies who make the damn knockoffs of the viruses and worms (ESPECIALLY the Bagle and NetSky groups), not the people who make the original master strains of the virus. Shoot the kiddies like Jaschen, and the world will be a LOT better off.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
The viruses are all open source so we can fix them up to do some real damage. :p
We aren't talking about desktop computers, we're talking about computers, period, namely those connected to the internet. Why should all the Apache servers on the net not count?
disgruntled, outsourced programmers to do with their time, write kids software?
Many viruses use standard ports to call home.
If you are using only a hardware firewall you could already be owned and your computer could be seen by your firewall as an overactive mailer...
IANAL but write like a drunk one.
The biggest issue IMHO is the software-monoculture: ~90% of home users are running the same family of operating systems and are using different versions of the same browser and mail client. If you find an exploitable bug (and there is no bug-free software!), your malware can spread easily and hit the majority of users. More diversity would help.