Virus Activity During the First Half of 2003

The first half of 2003 was generally quiet in terms of virus activity. However, this does not mean there was total calm, as in these first six months there were two virus epidemics, involving the worms SQL Slammer and Bugbear.B.

This period could be classified as a transition period, where we saw the first signs of the new virus trends. Even though e-mail worms that use so called social engineering and exploit vulnerabilities in widely-used software have been the culprits of most infections, another type of malicious code is starting to become more widespread: worm/Trojan hybrids.

During the first five months of this year, the e-mail worm Klez.I headed the ranking of the virus most frequently detected, according to data collected from the free, online antivirus Panda ActiveScan, but was knocked off the top spot at the beginning of June by the worm/Trojan Bugbear.B.

Worm/Trojan hybrids, as their name suggests, combine the characteristics of a worm and a Trojan, doubling their danger. Their worm component allows them to spread rapidly via e-mail and the Internet, searching for computers to attack. Whereas their Trojan functions allow them to carry out Trojan-like actions, such as controlling certain communication ports, which they can leave open to allow hackers to access the computer, or to steal confidential information such as client databases and bank account and credit card numbers, etc.

Another significant malicious code that appeared during this period is SQL Slammer, which represents a new generation of viruses that spread directly via the Internet, usually by exploiting a vulnerability in commonly used software. SQL Slammer targeted SQL servers, and due to the large number of servers it affected, wreaked havoc in the Internet.

The virus activity described above demonstrates the need to go one step further in protecting against viruses, as once these have been installed on a computer, simply detecting them is not enough to stop these viruses in their tracks. These malicious code need to be caught before they get into a computer by protecting the communication ports. Although this may seem a complicated task, it is easy to solve by installing a personal firewall, which can detect and block any unusual activity that aims to get into the computer.

Some antivirus manufacturers have included protection against these types of threats in their products. An example of this is Panda Antivirus Platinum 7.0, which incorporates a latest generation personal firewall, which combined with its advanced antivirus technology, turns your computer into a fortress against virus threats, including new worm/Trojan hybrids.

Don't miss