Bugwatch: Worm viruses on the march

Link: Find out about the latest virus threats

They’ve already amassed an array of alerts from antivirus vendors and seem intent on continuing their conveyor-belt production of new variants and viruses.

In March alone, we issued six new alerts relating to worm-based viruses showing that worms remain the number one threat to home users and corporate networks.

Interestingly, the majority of these warnings concentrated on two main virus sources – Netsky and Bagle. These virus authors have recently dominated the scene.

The profusion of viruses from these two sources is the product of an ongoing worm war that can be traced over a number of months.

For instance, each time a new variant of Netsky is released, a new Bagle derivative is released also. The battle is being pitched on a number of levels, including counter insurgence operations.

Bagle, for example, is able to disable previous Netsky variants, while Netsky can neutralise previous Bagle viruses and others including MyDoom and Nachi. It also seems apparent that the virus writers are keen to align themselves strategically.

For example, originally neither one exploited application vulnerabilities, however as soon as Bagle used one, Netsky seemed to follow suit.

The ferocity of the conflict is being amplified by changes in the arena where the cyber battle is being fought. One fundamental development is the growing number of users connected to the internet, and more importantly, the amount of home users connected via broadband connections.

Mass-media advertising campaigns have successfully encouraged users to seek out faster, always-on connections that facilitate quick downloads and an improved online experience.

Unfortunately, users are often unaware of the potential threats associated with this kind of connection and can therefore fail to take the appropriate steps to protect themselves.

By plugging straight into the internet without the buffer of an early warning system, home users are becoming increasingly the target for malicious attacks and are emerging as the main vector of virus propagation.

Of course, this isn’t the only development affecting virus proliferation – money also plays its part.

Gone are the days, for example, when virus authors developed malicious code as a means of testing their technical abilities. Now many viruses attempt to steal valuable information.

Most incorporate backdoors, which enable hackers to access computers without the knowledge of the user. While inside, the uninvited guest can spread malicious code, gather email addresses for spam or pilfer credit card numbers from unsuspecting users.

While it is impossible to predict the future, it seems likely that the growing popularity of broadband connections and the apparent naivety of home users, will help the continued proliferation of new viruses and prolong the embittered battle between Bagle and Netsky.

Related reading