Computer Viruses Broke 100,000 In 2004
Sammy at Palm Addict writes "The count of known computer viruses broke the 100,000 barrier in 2004 and the number of new viruses grew by more than 50% according to news from the BBC. The BBC also reports that 'phishing attempts, in which conmen try to trick people into handing over confidential data, are recording growth rates of more than 30% with attacks becoming increasingly sophisticated.'"
They broke 100,000 in 2003 as well.
They can have my confidential data when they pry it from my dead frozen Windows OS... oh wait!
That is not a small number... that is a very large number!!! Ack poor compy.
Oh the humanity! I have to run my virus scanner 24/7 now. When will the.. [POST ABORTED: VIRUS DETECTED].
Now how many non Windows viruses were there? You could probably count them on one hand. Let's give credit (or blame) where it is due.
I'm running Windows XP. Bill Gates says I'm safe from viruses.
Does this mean Microsoft will take back that quote about how it's the user's fault or the one that security isn't that important?
In the next few years we will see the emergence of an even more extreme battle of "Freedom of the Internet" vs. "Risk of Use" as people try to lock down the internet to prevent damage done when morons open up that "I Love You" E-mail.
Just a boy doing unprofessional IT work that's way above his head.
Phishing scams are becoming more prevalent on the internet and world wide web. Unfortunately, they are now starting to show up on 'Blogs as well.
Due to the dedication to security we in the OSS community have, we are updating our servers and account information.
Please click the following link and verify your account information, password, and private PGP key.
In order to Verify your identity, please have your Visa or Mastercard account number ready
That would most likely be either the 5408th, 37322nd, 56446th or the 74353rd.
The most common sentence I heard from relatives this holiday was,
"Can you please fix my computer".
"I accidentally clicked something and my computer is slow".
Should we really consider the dozens of variants of Bagle, Netsky, etc. separate viruses? Just because the anti-virus vendors choose to implement recognition of these variants by separate signatures, are they really different viruses?
I think it would be more interesting to know how many new virus/worm/trojan families were released year-to-year.
Don't underestimate the power of The Source
Are they all unique? Or are many of them variants on an original? Seems to me we should only be counting big version numbers and not the updates.
That would be an interesting figure, and I guess it'd be pretty high. The amount of mail traffic due to zombie machines spamming is amazing.
Does the article mention how many of those >100,000 affected the Mac OS platform?
The Top 10 List reads like the leader board at a chess competition.
1) Netsky-P
2) Zafi-B
3) Sasser
4) Netsky-B
5) Netsky-D
6) Netsky-Z
7) MyDoom-A
8) Sober-I
9) Netsky-C
10) Bagle-AA
---- You are fully entitled to my opinion.
I feel so cheated. My office Symantec Corporate Edition listed only 68585 viruses. Where are my other 31415 virus definitions? :)
Shouldn't these be called 'Windows viruses'? It's not clear what their count entails, but the viruses listed seem to all be Windows-centric.
And no, this is not a troll--I use Windows, too. But this language reinforces the idea that the problem is with any and all computers, which hinders adoption of alternatives. (C.f. the growth in non-IE browsers once the problems with IE were understood by more people.)
One man's -1 Flamebait is another man's +5 Funny.
If computer viruses were detrimental to our health, we'd all be dead. Although, if computer viruses were actually deadly, think of how much smaller this number would be..
Beat the computer, program your life.
Just because you have an ultra-secure computer doesn't mean you should be complacent about theft of confidential data.
One of my buddies got his credit identity stolen a few months ago, he figures, by someone at a store who processed his credit application when he bought a home theatre system (Zero interest! Don't pay til way later!).
By the time collection agencies were knocking at his door, that store had closed.
Most listed, especially in the top 10, are just trivial variations of a previous virus/worm.
So it's kind of like MAME supporting umpteen billion different rom sets, when most of them are clones or revisions of an original game.
You could probably release 100,000 variants of NetSky if you wanted to, just by embedding random payloads.
I don't need no instructions to know how to rock!!!!
The first thing I thought when I saw the headline was 'broke 100,000 what?'. The headline should have been better, like 'crossed the 100,000 barrier' or just 'crossed 100,000'.
You know, I'm beginning to think these computer things aren't all that secure.
(p.s. I put a router between my computer and my cable modem, and I don't click on executable links unless they're from a trusted source and confirmed as having been sent deliberately; I have never--not ever--had a virus or a break-in on this subnet.)
The problem with this topic is that Microsoft is always blamed for making an inherently insecure operating system. They are also to blame because of "too little, too late", aka. activating the firewall by default only in SP2.
But quite frankly the ISPs and of course the individual users are to blame as well.
Why don't broadband ISPs require broadband firewalls? Only recently have some of them started to incorporate firewalled modems, and even then they're only sent to new customers. Would this mean that existing customers would have to spend money for a new router at the ISP's demand? You bet. But given the choice between disconnection or buying a $50 router, I'm sure that the vast majority would find a way to get that $50.
Additionally, most virii are sent over SMTP ports since they contain their own SMTP servers. I would not be against shutting down direct-from-client SMTP as long as those who run their own mail servers have the option of having their specific connection opened for SMTP traffic.
Finally, the users absolutely MUST be educated. There are enough free tools out there that no one should be unprotected. But again who should be responsible for teaching these end users?
At this point I would actually welcome something like a drivers license for broadband access. You don't gain the ability to use a broadband connection unless you prove to the ISP that you know the rules and that you are informed of how to be a responsible Netizen, including the use of firewalls, virus scanners, and alternate products like Mozilla, Eudora, Firefox, and others. If you break the "law" afterwards, your broadband privileges are revoked until you come into compliance.
If people were made aware that any virus or worm outbreak caused by them would mean the complete loss of their Internet connectivity, I think we'd see the number of virus infections drop dramatically.
But have an ISP do the responsible thing at the risk of pissing off customers? No, they'd rather spend billions of dollars a year on mail storage, spam-fighting hardware and software, increasing bandwidth usage, and always-rising amounts of mail to abuse@isp.net...and of course pass those charges onto us.
The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
I've gotten so cozy in my nearly MS-free world since I managed to offload the last W2K machine that I forget about the risks, and how that antiviral cruft soaked up CPU and RAM.
Until, that is, I open an MS Office document with macros, then the whole sense of dread and ire comes back; and I'm always surprised and annoyed when the latest worm brings local networks staggering to their knees.
Damn those pesky terrorists
100, 100.000 or more... viruses are quite easy to contain because they are unquestionably nuked as such. What I don't like is all the other semi-legitimate software (hello adware, hello malware, hello spyware) which can fuck up your computer almost as bad or worse, except they come with an EULA.
I think all software should come with a self-signed key. By default it should allow upgrades by the same key (version 1.0->version 1.1), but not let other programs update each other (e.g. explorer hooks, IE hooks, grab default applications, overwrite system libraries etc.)
I'm talking about all optional here, not DRM. I would love to have it such that I could install apache on my linux box, and not have it overwritten by anyone but apache (without my explicit permission) as well. Right now, once you have root, it is enough. But proper rights should be "need-to-have". Give a program permission to install itself, but don't fuck the rest of the system? Today, that can't be done.
Kjella
Live today, because you never know what tomorrow brings
100000 virus == two's complement overflow for the 32bit OS on which they thrive. The number of computer virii is as misleading as the medical alternative considering the human toll that is exacted.
What continues to blow my mind are the numbers of users who do not have anti-virus software installed or kept up to date on their systems. I really wish that Microsoft would include some basic type of anti-virus / anti-spyware utility with the operating system.
Yes, there would probably be a huge outcry about antitrust violations, but I believe the bottom line is that Microsoft has a duty to ship an operating system that is as reasonably secure as possible without including so many features as to push other vendors out of the market. I think the firewall in Windows XP SP2 is a good example of a compromise. The firewall includes enough basic features so that users aren't completely hanging out there in the wind, yet does not provide such a robust feature set so as to push third party firewall vendors out of the market. The disk defragmentation utility is another good example of a compromise. It has enough basic features to be useable, but not enough so as to push third party vendors out of the market.
Microsoft could do it if they wanted to, even if there was an outcry from vendors. Look at what they did with I.E. when they decided they wanted a piece of the browser market. For a more modern, post anti-trust trial example, look at what they are doing now with Windows Media Player. Yeah, the EU is calling them on it, but I think a real case could be made that a basic anti-virus / anti-spyware utility is as important a part of basic system security as a firewall.
Of course, if Microsoft just fixed I.E. and Outlook / Outlook Express, viruses and spyware wouldn't be as much of an issue, but we all know about how likely that is to happen.
My school email account caught an eBay phish the other day. The fact that the headers showed it coming from South Korea kind of gave it away.
Scary thing is, it seemed to make use of the nasty just-about-any-browser spoofing vulnerability that was found not too long ago.
Karma: Negative (Mostly affected by dorm trolling)
I always see these comments, but I want to know; if the mass of people using Windows today all switched over and were using Linux tomorrow, do you honestly think all of a sudden the computer world would be a safer place? Do you envision this utopia where all users suddenly start keeping their machines up to date to thwart off the latest exploit? Would we suddenly have ma and pa computer user logging into application.bugzilla.com and filing bug reports? If a trojan/worm/virus/etc was sent out and the user got infected and a dialog popped up saying they had to enter their root password to run it, do you think these same users that download everything off the net, always just click "yes" without reading anything, are going to say "if I log in as root I can cause serious damage" and not log in as root? no, a majority of them will log in as root and get exploited.
The only difference I see will be all the Linux zealots either a) switching to another OS because now it's not 1337 to be running Linux or b) the same people that blame Microsoft for all the users problems, will now start blaming the user (instead of blaming Linux).
Viruses still exist because programmers still use obscure C functions full of holes and obscure processors full of executable stacks.
Please programmers, read the electronic paper "Smashing The Stack For Fun And Profit" (->Google).
zzz
If you were paying attention, you'd have noted that not only is MSFT developing its own AV tool but they also plan their own spyware scanner/remover.
Windows 3.0 had MSAV, are any /.ers old enough to remember that? They abandoned it, deciding it was too much work to maintain something that, at the time, wasn't viewed as a necessary component. And it wasn't needed, in a simpler, kinder, pre-internet world.
I don't need no instructions to know how to rock!!!!
How many of those are actually found in the wild? 100,000 is a big number, but ultimately meaningless when you want to assess the risk posed by viri etc. Throwing around big numbers like that is more the realm of marketing than that of engineering. :)
quidquid latine dictum sit altum videtur.
The number sounds like FUD, once we get past the variants how many truly original viruses are there? I would imagine that very few original viruses have ever been created, the overwhelming majority are nothing more than variations on someone else's work.
I think the vast majority were malware and spyware. What is the difference between malware and a virus? Nothing really, it's just a trojan virus. So I feel this is understandable.
But, I am fuck1ng sick of the AOL commercials that talk about you losing all of your data and photos due to a virus. I posted about this before, I feel this is just wrong, to my knowledge there hasn't been a widespread virus in years that formatted your HD.
from TFA:
On the positive side, Finnish security firm F-Secure said that 2004 was the best-ever year for the capture, arrest and sentencing of virus writers and criminally-minded hackers.
In total, eight virus writers were arrested and some members of the so-called 29A virus writing group were sentenced.
Eight? EIGHT??
(deep sigh)
Against stupidity the gods themselves contend in vain.
Is there really a need for viruses to get data?
... survey...
"Sure sir, two AA batteries, now if I could just get your phone number, home address and date of birth for a survey we're conducting!"
Clever wording for DATA MINING...
Tom
Someday, I'll have a real sig.
Please click the following link ^H^H^H^H^H^H^H^H^H^H slashdot.org] and verify your account information, password, and private PGP key.
-- i am jack's amusing sig file
The high number of viruses/malware should be a signal that antivirus software won't be a good solution forever.
IMO, instead of brute signature detection, various sandboxes should be used: e.g. one should be able to run any app in a virtual environment, any file the application deletes or changes is only marked as such in the sandbox config, network access should be blocked using a custom setup etc.
Thus if I'm happy with an application, and start trusting it (by checking what it has tried to do) I merge the changes and release it from the sandbox, if not - remove it and the diffs of any changes it tried to make.
The app itself sees the merged state at all times, possibilities are endless, like groups of sandboxes etc.
These things are looking more and more realistic/genuine all of the time. The last I got I opened up the email just to take a look, and the reply to address was "cgi.ebay.com/cgi-bin/"whatever else... it looked so nearly authentic it was scary. Everyone sees the cgi-bin at the ebay page, so having the name cgi.ebay.com was just... yah... I see why people fall for these, they are just uninformed, thinking someone actually was trying to steal their eBay account and such. What needs to be done is when you sign up for stuff, you are required to read aloud to a microphone some statement about how the company will never send you emails to verify account information, social security numbers, and so on. It's the only way to guarantee they read it, but perhaps they still wouldn't understand it. It's just scary. What we need is to make a global law about these things as well... if you are found doing this sort of act, you and your whole immediate family is executed in front of a live TV audience. I bet it'd get higher ratings than Survivor!
It has been proven time and time again that the problem is "Between the Keyboard and the Chair"
So I suggest that the ppl who extract/spread the viruses and have no idea how they got them, Pack up the PC and ship it back to the store cause they are too [)^/\/\-/\/ stupid to use em
Do you have a credit card from a company that likes to send you handy "checks" that can be written against your account?
All it takes is one punk to grab your mail and you have a problem.
Your mail can even be delivered to the wrong house and you can be compromised.
The fact is, we are not currently set up to deal with identity theft. We have a bunch of half measures that are easily circumvented by anyone who thinks about it.
Smashing the Stack for Fun and Profit
The original link is here. This was originally published in Phrack #49 on 08 November 1996. It is still a relevant and useful article.
I want to drag this out as long as possible. Bring me my protractor.
Why do we refer to things that are not barriers as barriers? This talk goes on all the time on the site, and honestly, we can all do better than that. Let me explain:
A barrier is some thing, physical, abstract, whatever. Some property of the barrier or something associated with the barrier in some way prevents something from happening, or some condition from being reached.
The speed of light, for example, so far as we know it, is a barrier -- according to current understandings of the world, stuff cannot (normally, at least) travel faster than light. Ergo, c is a barrier.
The speed of sound is also a barrier. Typical aircraft encounter tremendous stresses as they approach the speed of sound. For a long time, we couldn't go faster than sound. But now, there is an understanding of how to design a body to break through that barrier. It still exists as a barrier, though: try and crank a 747 up to Mach 1 and watch what happens.
OK, so you see? A barrier has some property that prevents something else.
There is no barrier out there that prevents the creation of the 100,000th computer virus. There is nothing actively precluding another virus from being created.
At least not as long as IE is in the wild.
In my opinion virus (plural) nearly died out. What they now refer to as virus is mostly a worm; I haven't seen many digital parasites that integrate themselves into binaries for several years now, and those things that open servers and copy themselves from system to system are worms, they don't infect other binaries (cells), they just sit in the system (organism).
Life is just nature's way of keeping meat fresh.
And no, I'm not posting from my home network smartypants
Virus = Very Yes
Here's the true test of the Slashdotter: does he or she have a brain -- or not? If Gator gets Slashdotted from that post, we're all doomed.
--- Dan
Viruses have to propagate to be a problem. Kill the propagation means and the virus is nothing more than a programming oddity.
Why don't the ISPs do the even easier thing and just firewall whole sections of their network? That way they have a single investment instead of a bunch of $50 "modems". Since all the traffic is traveling over their network anyway
But, again, the easiest thing would be for their ISPs to set up a website to do basic virus checking and to remind the customer of that in every bill they get. They could also put a button on their web-based email services to make it ultra-easy.
That could work with a little bit of re-working. The ISP should be able to monitor the traffic on their network. If they see virus-like activity, they should be investigating it and cutting off that service.
Before anyone says that such would not be financially possible, I do a similar thing with spam where I work. Initially, there was a lot of work to do. But as I fixed each problem, there were fewer new problems.
Rather, they'd prefer not to do anything so they don't have to deal with the problems. If spam and viruses are a big problem, they affect all ISPs equally. So there isn't any competitive advantage for one ISP to deal with the problem.
Unless you're working with a small, local ISP. Then you can get better support and service.
1) Integrate browser into OS so browser vulnerabilities are OS vulnerabilities
2) Halt development of browser for all platforms except Longhorn, and make some browser security patches available only to XP SP2 users
3) Make antivirus and anti-spyware software, and charge for it
4) Profit!
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
I think Gator just got slashdotted from that post...
YES! Connection refused! HAH!
How many people can read hex if only you and dead people can read hex?
Yea... because hard drives never fail outright or suffer physical damage that prevents normal access to the data on them..... in fact, when that happens, it's because your neighbor's computer running Windows picked the lock on your front door, went into your den, and damaged the drive on your 1337 Lunax machine, right?
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
Why not require they run Linux instead?
Knowing most ISPs, they'd implement a "broadband drivers license" in such a manner that it refused a connection to anyone who wasn't running the latest version of Windows, with all the system-slowing anti-virus, anti-spyware, anti-adware, firewalling software that is required of Windows users. Oh, and you can add DRM to that as a requirement as well.
The society for a thought-free internet welcomes you.
The reason why most computers are so vulnerable is because of widespread similarity. Evolution does not favor the species that has no variation. Rather the more variation a species has the less likely it will be affected by viruses and other environmental effects. Seems like the more OS's and dissimilarities in people's systems the less often we would be dealing with widespread virus outbreaks.
Nothing to back up that statement, just a simple yes? One of the things that helps Linux at the moment is that the majority of the users are geeks whose entire life revolves around computers. They keep up with every application on their machine and patch as soon as bugs are found and fixed. A lot of viruses on Windows are exploiting bugs that have been fixed, but the users don't keep up to date with their fixes. So, like I said, these users switch to Linux and you think all of a sudden they'll be updating daily?
Didn't OS 7 and 8 run on both architectures? I remember using 7 on a PPC machine and seeing screenshots of OS 8 running in Basilisk II, the Mac M68k emulator.
It would be cool if it didn't suck.
But the ISP doesn't have to take the "lock down everything unless specifically requested to be open" approach.
They can monitor what ports are used by what customers and what ports are used by what viruses.
Example, the IRC controlled bots. If they see IRC activity on a line, they can send the customer a note notifying the customer. Then, if they see DDoS activity or a sudden flood of outbound email, they can check into the situation and possibly cut off that connection until the customer has fixed the problem.
Yep. But that's only because thousands and thousands of people actually DIE because of cars each year.
On the Internet, the risk of death is far, Far, FAR, FAR less likely. So the same standards will not be applied.
What continues to blow my mind are the numbers of users who do not have anti-virus software installed or kept up to date on their systems.
I've never had any antivirus software installed. Never. At home I've run Windows 2003, XP, 2000, NT, ME, 98, 95 and 3.1.
I've also never had a virus. Ever. Safe browsing habits, proper choice of application software and a hardware firewall are enough. Anti-virus is mainly for those who are not knowledgeable enough to perform the above. While this is a large number of people, my own existence should not blow your mind.
Yeah, by sophisticated they mean it's one where they put @citibank.com in the reply-to address of the email so you know it's legit!
Are these COMPUTER viruses or (more likely) MICROSOFT WINDOWS viruses?
There's one hell of a difference and I'm betting it's the latter. Why? Because Microsoft Windows is designed without regard to security. Hence the number of viruses/exploits for the platform.
Sky subscribers are morons. They pay to be advertised at !
How about they focus on making a more secure OS and leave the virus hunting to those who specialize in it.
In other words, MS needs to focus on fixing the OS and the rest will fix itself.
Hardly... the attacks are becoming more aesthetic, people are just using logos and trademarks for a false sense of security. I think it's more that the average computer user is becoming less sophisticated, at least in a computer sense. It's all relative.
Wasn't it a copyright infringement lawsuit that forced MS to abandon MSAV?
mbbac
On linux, if you're infected with a virus, reboot, log in as root, copy important data over from your regular user's home directory, remove the user and user's home. Recreate user, move data back over. Problem solved. Assuming that it was just a virus and not some kind of privilege escalation exploit (which don't happen all too often, and running up2date or you should always be fine) and that the user only has write access to their home directory and nowhere else (which is all you need) then literally the above procedure is all you need to do to fix an infected linux machine. Also most distros have well configured firewalls.
Regards,
Steve
What, you say? No viruses for Linux? If a rootkit doesn't count as "spyware", I don't know what does...
Do you have any exposed ports to the internet leading back to your UNIX box? Do you run old versions of php and apache?
Do the following:
Download ROOTKIT HUNTER now.
run 'rkhunter --update'
run 'rkhunter -c' and scan your system
when rootkit is found, reinstall OS, and restore critical data from backups
That doesn't mean you still can't spread viruses for other operating systems.
I run Virex/OSX and occasionally (though rarely) find something on my HD that's carrying a Windows payload.
The possibility of one of those files somehow winding up on Winboxen in my multi-platform network does exist, and if so, it could be as deadly a situation as if the Windows PC originated the file to begin with.
Despite the brouhahas from MS marketing about "Trusted Security" initiatives, the viruses are proliferating out of control and in many cases slipping beyond the reach of many anti-virus detectors found today.
I find it incredulous that insufficient efforts were made for the Microsoft Dutch Boy's skinny fingers flailing in vain to stop this rising tide against the proverbial leaking dike of viruses.
Hello? Microsoft? What do you say to that?
What is really funny with windows is that the "new" feature from windows XP and 2003 is automatic registry recovery... So your antivirus can just wipe out the virus with all its keys, and it will luckily just reinstall itself on next reboot, so you've lost no data.. Really a useful feature.
I gave up with the idea of a useful sig...
Take out all the substrains created by script kiddies who took the original code and edited it a bit to make their own strains and knockoffs, and we're left with what, twenty thousand strains?
Gaobot alone has what, ten thousand variants? Symantec's up to something like Worm.Gaobot.BGC to describe the strains now, which is 26^3 or something like that.
The real problem is the whiny little bratty script kiddies who make the damn knockoffs of the viruses and worms (ESPECIALLY the Bagle and NetSky groups), not the people who make the original master strains of the virus. Shoot the kiddies like Jaschen, and the world will be a LOT better off.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
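The variants-versus-families question that several comments above raise can be checked directly against the top-10 list quoted in the thread. The following is an added example, not part of the thread or of any vendor's tooling; the function names, the name grammar (optional prefix, family, then an uppercase variant suffix after `-` or `.`) and the idea that suffixes are assigned in order A..Z, AA..ZZ, AAA.. are assumptions made for illustration.

```python
"""Group antivirus detection names by family and rank their variant suffixes."""
import re
from collections import defaultdict

# Top-10 list exactly as quoted in the thread above.
TOP10 = [
    "Netsky-P", "Zafi-B", "Sasser", "Netsky-B", "Netsky-D",
    "Netsky-Z", "MyDoom-A", "Sober-I", "Netsky-C", "Bagle-AA",
]

# Assumption: a variant suffix is 1-4 uppercase letters in the last position.
_VARIANT = re.compile(r"[A-Z]{1,4}")


def parse_detection(name):
    """Return (family, variant) for names like 'Netsky-P' or 'Worm.Gaobot.BGC'.

    The family is lower-cased so 'NetSky' and 'Netsky' land in one bucket.
    variant is None when the name carries no suffix (e.g. 'Sasser').
    """
    tokens = [t for t in re.split(r"[-.]", name.strip()) if t]
    if not tokens:
        raise ValueError("empty detection name")
    variant = None
    if len(tokens) > 1 and _VARIANT.fullmatch(tokens[-1]):
        variant = tokens.pop()
    # Anything left of the family (e.g. 'Worm', 'W32') is a type/platform prefix.
    return tokens[-1].lower(), variant


def variant_ordinal(suffix):
    """Position of a suffix in the sequence A..Z, AA..ZZ, AAA.. (A=1, AA=27).

    Assumes sequential assignment; an empty suffix (base strain) maps to 0.
    """
    n = 0
    for ch in suffix or "":
        n = n * 26 + (ord(ch) - ord("A") + 1)
    return n


def summarize(names):
    """Count detections vs. distinct families and list each family's variants."""
    per_family = defaultdict(set)
    for name in names:
        family, variant = parse_detection(name)
        per_family[family].add(variant or "")
    variants = {
        fam: sorted(vs, key=lambda s: (variant_ordinal(s), s))
        for fam, vs in per_family.items()
    }
    return {
        "detections": len(names),
        "families": len(variants),
        "variants": variants,
        # Highest suffix seen: how far the vendor's lettering has run for
        # that family, if suffixes are handed out in order.
        "max_ordinal": {f: variant_ordinal(v[-1]) for f, v in variants.items()},
    }


if __name__ == "__main__":
    report = summarize(TOP10)
    print(report["detections"], "detections,", report["families"], "families")
    for fam, vs in sorted(report["variants"].items()):
        print(f"  {fam:8s} variants={vs} max_ordinal={report['max_ordinal'][fam]}")
    print("Gaobot.BGC ordinal:", variant_ordinal(parse_detection("Worm.Gaobot.BGC")[1]))
```

Run against the list, the ten detections collapse to six families, with Netsky alone supplying five entries.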
The viruses are all open source so we can fix them up to do some real damage. :p
We aren't talking about desktop computers, we're talking about computers, period, namely those connected to the internet. Why should all the Apache servers on the net not count?
Many viruses use standard ports to call home.
If you are using only a hardware firewall you could already be owned and your computer could be seen by your firewall as an overactive mailer...
IANAL but write like a drunk one.
The biggest issue IMHO is the software-monoculture: ~90% of home users are running the same family of operating systems and are using different versions of the same browser and mail client. If you find an exploitable bug (and there is no bug-free software!), your malware can spread easily and hit the majority of users. More diversity would help.