o A glossary of Viruses
    o Virus Protection and business risk
    o What is part of a technical solution to block viruses
    o Safety Commandments to prevent getting viruses
    o Computer E-Mail Viruses
    o The Trojan Horse virus
    o Worm Viruses
    o Cashing In on Virus Infections
    o legal action taken by some of the major online companies against spamers
    o Netscape's site. There is a short Q&A about viruses and a helpful glossary
    o Examples of a virus hidden in an email

It is noted that

"The problem with today's viruses is twofold: Not only can they be easily rewritten to change their signatures and bypass antivirus tools, but they are also tempting attachment types for click-happy users who see nothing wrong with opening mail attachments from trusted sources. "

translated

1. viruses can change form so the anti-virus software you installed, and obediently updated, cannot recognize the new virus as a threat, and does not screen it out

2. too many people are indiscrimantly passing on viruses without following basic security procedures 

So, what is the problem when people don't listen, and follow proper procedures to protect against viruses?

Radcliff quotes Roland Cuny, chief technology officer at Webwasher.com, an Internet content filtering vendor
Cuny says "Training is not enough. You also need a technical solution,"
 

Radcliff quotes experts saying you can "...set up filters to block executable attachments before they get to desktops. Blocking file types known to carry viruses and Trojan horses (hidden programs) may sound extreme. Bruce Moulton, vice president of infrastructure risk management at Fidelity Investments in Boston said he first reviewed how his company uses these file types. Once he determined that these attachments weren't even  used for business purposes, making the decision to block them was easy. "The business impact of shutting out  these file types is zero because 99.9% of these attachments that come in are for personal viewing, like animated  Christmas cards, movie clips, things like that," 

 

UTM student Kiel D. in March 2009 emailed to provide some info on cell phone viruses.

Keil summarizes
"According to the article, today's mobile  viruses have become much smarter than previous versions. Today's  versions 'aim to steal phone books and contact lists to initiate  premium text messaging activity for money-making schemes.' The article  continues stating that the previous viruses were relatively harmless  intended to simply replicate. However, today's viruses are more  serious and related to crime such as stealing money, and personal  information. In addition, the article states that mobile viruses are  growing rapidly because mobile devices are being used more and more.  The article also mentions various viruses to watch out for such as:  CommWarrior, Beselo, and Symbian. The article can be accessed here "
 http://www.esecurityplanet.com/trends/article.php/3760936/Greater-Mobile-Use-Brings-Bigger-Virus-Threat.htm 

In conclusion, Kiel raises an important consideration "Reading this article, I was surprised how mobile viruses became so  threatening because if a virus accesses your mobile device, it will  have access to personal information, which may also lead to identity  theft."

1) Save. No computer is immune to crashes or other events that can take out a work in progress. 
2) Back up. Your important files on a regular basis and store the backup copy somewhere other than on your computer (CD or floppy). This way if a virus does get through and destroy files you can restore them from your back-up copy. 
3) Invest. In software/hardware to create a simple to use system 
4) Install. A reputable virus scanner and keep it updated regularly. Avoid virus, worms and trojans from e-mail or downloads which will cause damage to your programs or hardware. 
5) Use. Antivirus program (at least once a week) as well as every time you download any freeware or software that is shareware. Make sure that it is properly configured for your computer system. Software makers routinely update their virus lists whenever a new virus is discovered, so you will need to update your software with new virus definitions at least once per week. NEVER open any downloaded file unless it has been scanned by anti-virus software with current signatures. 

Here are a few points to remember says FreewareRocks.com. 

Remember:

"A virus can not appear on your computer all by itself. You get it by sharing infected files or diskettes, or by downloading infected files from the Internet. 

Generally, you can not get a virus by reading the body of an email message, they are usually carried in an attachment (e.g., a Word or Excel file). These attachments should be scanned automatically before you read them. 

There are a few things you can do to protect your computer from virus infection.  Most important on the list is to install - update and use a high-quality anti-virus program, and especially be sure to update it regularly. A non-updated Anti-Virus program is outdated and practically useless. Use it to scan any files, programs, software, or diskettes (even new software from a commercial company) before you use them on your computer. 

Never open any attachment with two extensions.  For instance, "iamavirus.txt.vbs" should definitely cause you to raise an eyebrow.  Virus creators use this as a way to disguise their destructive payload.  Many of our computers are set to not display any extensions at all so the double extension rule may not always work."

"Code Red, named for a caffeinated soft drink favored by computer programmers, scans the Internet for other computers to infect, and as more computers are infected the scanning gets more widespread and could slow Internet traffic to a crawl.  The worm can also defaces sites, though in two of the three known variants   no vandalism is apparent to computer users. In last week's hits, some U.S.  government sites showed the message ''Hacked by Chinese!'' but the Chinese government said the worm probably did not come from China."
from yahoo.com 

Worm
Viruses
 
 

Viruses

Worm
Viruses
 
 
 
 
 

Worm
Viruses

A Microsoft spokesman said the company never sends out unsolicited mass  e-mails with attachments. So................... if you get an email that says it is from support@microsoft.com ................. chances are it is a fake and the sender is just trying to get you to read something, or open something which may cause harm to your computer.

Worm
Viruses spreading faster

.KEY POINTS

Worm viruses have been around for quite some time, but for the current generation of Internet users the most familiar one (if they knew any) was the CODE RED Worm Virus. Worm viruses can now propogate much faster, -  and the risk is that the speed at which they spread exceeds the ability of the critical users to be alerted - and therefore we are at a greater risk since our response time is almost zero.

"SQL Slammer Worm Spread Worldwide in 10 Minutes" A Reuters story carried by Yahoo 2003 Feb 4th

"The worm, which nearly cut off Web access in South Korea and shut down some  U.S. bank teller machines, doubled the number of computers it infected every 8.5 seconds in the first minute of its appearance, said a computer security research group led by the Cooperative Association for Internet Data Analysis.  By comparison, the Code Red worm -- which came 18 months earlier -- only doubled every 37 minutes."

Permission to quote from Yahoo!, use the Yahoo! logo, and use screen captures, was given in an email by Debbie Macleod, Yahoo! Marketing Manager Jan 21st, 2005. Copy of the email is kept in the permissions binder

Worm
Viruses spreading faster

Snapper
MyWife

March 2004

Hasani before

Katie before

Hasani & Katie after

Hasani and Katie of MRK410 in March 2004 found a site talking about some of the new Worms in March 2004

Hasani and Katie explained

"The hottest couple on the internet snapper and Mywife are reeking havoc on the web. The couple made there appearance in January and they have the potential of staying together for a long time. My wife arrives in an email form, attracting the users by a pornographic subject lines, for example, “Hot XXX and Sexy XXX, and if your lucky you can get a picture with that.

"The email comes in attachments with a Norton Anti Virus symbol verifying it’s a virus free attachment. The second attachment file may have words to attract you such as: Ricky Martin, Paris Hilton. The second virus carries a fake virus warning stating that your machine is already infected. Once they open the email or your computer is infected the virus removes the windows registry entries for a variety of anti virus and security applications."

"Snapper which is quite opposite from Mywife sends blank emails with spoofed sending addresses that contains codes that automatically executes once the message is open. The code connects to a web page which downloads the file to your computer. The file creates a windows directory called DLL and then sends itself to all addresses in the users address book. Due to some complications and barriers for the virus it is not likely that it would spread very fast. "

It is believed that the couple is not going to last for a very long time, but the users and the haters should still be careful no matter what!

RELATED LINKS!!!!!  http://www.f-secure.com/v-descs/snapper.shtml (still working Nov 2006)

Feb 2007
 
 

Stefan said
"I think Java viruses are the next big wave. By Java viruses I mean viruses that use I.E loop-holes to upload themselves to your computer, undetected by you, the user. "

[WTGR adds, this suggests surfing with Netscape or Firefox would obviuously seem to be the thing to do]

Stefan then targets a sensitve point about anti-virus solution products, saying
"This is a growing business for Anti-Virus companies who claim they can stop these viruses. The fact is, so can consumes without these programs."

Feb 
2007
 
 

Stefan advises
"For example, using Norton Virus solutions will heavily slow down the computer and make every task annoying, since you will get “do you want to run this script” messages every second and security pop-ups 20 times a day. For your everyday user who checks their bank statement and e-mail, these viruses will never be a threat, however that is not what the everyday user does anymore.

Most people download movies/music and watch pornography on the internet. The sites that provide these services have a lot of this viruses since it is a way to make money (your neighbor comes to mind, easy to get e-mail addresses this way).

What Norton does  (and by doing so renders your system unusable due to lag) is disable certain active-x commands and prevents these viruses from installing, however this can be done manually in I.E (and without the lag) for example:

You go to I.E > Tools > Internet Options >Security> Turn all 4 –internet, local internet, trusted sites, restricted sites- to high security then go to >Privacy> and disable cookies and finally go to >Advanced> and uncheck Java which will not load the Java api next time you restart I.E. Now restart I.E.

By doing this, you I.E is safe, there is no computer lag, and no possibility of viruses and it is free. However these settings will not display some sites correctly and will disable a lot of eye candy. Their purpose is to be used with HIGH RISK websites and provide safe surfing by disabling all Java and Active-x extensions, therefore limiting I.E to basic browsing and no downloads (uncontrollable ones). When you want to surf the net normally, you can default all setting and enable cookies and java again so everything is allowed."

Feb 
2007

"My experience in this field spans to about 10 years and is mainly in computer hardware. I serviced main-frames and maintained systems for several small businesses. However the computer industry is in a very “disgusting” state at the moment and I am not interested in it any longer. It has commercialized to such a degree there are no values or morals any ware to be seen."

Chad M., MRK 410 March 2004,  found a page talking about how people are making money from selling anti-virus solutions

An annual fee is attached when purchasing anitvirus solutions, this in return, offers the user to download current "signature file" updates that identify the most current infectious program(virus). It normally takes anitvirus companies a few hours to develop "signature files" that can be updated by the user.  This poses a problem because almost all viruses now can spread globally in a matter of minutes.  So, are the antivirus companies really helping out?"

Jamaal P. of MRK 410 March 2004 found an interesting story in The Globe & Mail about lawsuits against spammers so this lets us know that something is actually being done to stop these people.

The following are some points from the article as summarized by Jamaal

• "Lawsuits filed by some of the Web's biggest players against junk e-mailers have portrayed an industry united in the war against spam"

• "America On-line, EarthLink, Microsoft and Yahoo scored a major publicity coup earlier this month, when they launched their first joint legal assault against spammers". 

• "The suits claim that hundreds of unnamed defendants sent messages using false e-mail addresses — a violation of the newly enacted federal Can-Spam Act".