Viruses and worms: unusual activity?

Forum Moderators: phranque

Message Too Old, No Replies

Viruses and worms: unusual activity?

tedster

11:11 pm on Jan 9, 2003 (gmt 0)

I'm wondering if something unusual is happening on the virus/worm/trojan front. My Norton AV has been getting almost daily definition updates for the past week or so. I never saw that much update activity before.

I know that new variants of yaha are creeping around, and old favorites like klez and sircam are showing a resurgence. Several "powered by KaZaA" style exploits are also surfacing, using a tactic that tries to deactivate anti-virus software...maybe that's what this current flurry is all about. Symantec says [securityresponse.symantec.com]:

W32.Lirva.A is a mass-mailing worm that also spreads by the IRC, ICQ, KaZaA, and open network shares. This worm attempts to terminate antivirus and firewall products. It also emails the cached Windows 95/98/Me dial-up networking passwords to the virus writer.

rcjordan

11:21 pm on Jan 9, 2003 (gmt 0)

saw this one the newswires earlier:

New worm, Lirva, is spreading [computerworld.com]

cornwall

11:23 pm on Jan 9, 2003 (gmt 0)

I would say that the increased virus activity I have seen dates from around mid December.

I wondered who I had offended, was getting around 10 a day before Christmas, dropped to around 5 a day this week.

As I put on another thread I put no details in my profile here, at least that stops the number rising. ;)

For the first time I did get an infection a few weeks ago, it was an old virus which had somehow got through the defenses, but was easily removed.

These guys are sick! Why do they do it?

tedster

6:07 am on Jan 11, 2003 (gmt 0)

Well, I just got today's new download from Symantec/Norton. They're being VERY aggressive about something - daily updates seems extreme to me.

Trying to research this, I found an article that November was unusually quiet on the virus front. Well, it looks like we're off and running now.

tedster

6:33 pm on Jan 14, 2003 (gmt 0)

Here's another new virus - Sobig. Seems like last week saw new mutations of Lirva plus the first out break of Sobig. That's probably the why for the update frenzy.

Sobig Virus [eweek.com]

oilman

6:37 pm on Jan 14, 2003 (gmt 0)

Yup - I think the virus guys are restless - I was getting pounded hard with all kinds of stuff just before Christmas - seems to have calmed down a bit since then.

AVG hasn't had an update since Jan 10 tho - methinks they are falling behind - hopefully they'll update soon.