The 2003 Virus Hall of Fame
The year 2003 could best be described as erratic in terms of computer virus activity. Despite being a quiet year on the whole, it has been interspersed with periods of high activity, in particular during the summer months when Blaster, Nachi and Sobig.F were doing the rounds.
Regardless of the significance of the epidemics, each year there are a number of viruses that stand out for one reason or another. Panda Software has once again drawn up a list of the most remarkable viruses over the last twelve months.
– The most damaging virus: for two reasons this goes to Bugbear.B. On the one hand, the fact that, according to data gathered by Panda ActiveScan, it has been the most frequently detected virus during 2003, and therefore the one that has caused most damage to users around the world. On the other hand, as it is designed to terminate processes of a number of antivirus and firewall programs, it leaves PCs defenseless against future attacks from viruses and hackers, with the obvious risks that this entails.
– The most effective virus: SQLSlammer is hard to beat in this category. In fact this malicious code, which attacks SQL servers, was able to bring large sections of the Internet to a halt in just a few hours, affecting millions of users.
– The most persistent virus: Klez.I wins hands down. Despite having first appeared in April 2002, it is still very much present in the monthly rankings of the most frequently detected viruses. The way it uses ‘social engineering’, and exploits a vulnerability in Internet Explorer are the main factors for the continued spread of this extremely tenacious malicious code.
– The most ingenious virus: in this category, Gibe.C stands out on its own. The creator of this worm designed an HTML mail purporting to be from Microsoft, convincing many that the e-mail they had received -containing the virus- actually contained a security patch released by the company.
– The most annoying virus: this award goes to Blaster, which infects computers by exploiting the RPC DCOM vulnerability affecting several versions of Windows. Due to an error in the virus code itself Blaster caused many infected computers to restart repeatedly. Similarly, the rate of infection of this malicious code reached such levels that many computers were being continually re-infected, even though they had already been disinfected.
-The most cunning virus: Nachi.A described itself as a kind of ‘Robin Hood’ coming to the aid of computers stricken by Blaster. And, in truth, it did just that. Nachi.A removed Blaster and even repaired the vulnerability that Blaster exploited to infect computers. However, the cloud that lurked behind the silver lining soon became apparent, as Nachi.A is designed to exploit the WebDAV vulnerability, which could allow all types of code to be run on computers.
– The most opportunist: Ganda.A which, by alluding to the war in Iraq soon after it had started, tried to trick users into opening a file supposedly containing satellite photos of the country.
– The most rapid viruses: 2003 has witnessed the appearance of two of the fastest spreading viruses in the history of computers: SQLSlammer and Sobig.F. The latter, designed as a highly effective mass-mailer, was launched from just a handful of computers and was spreading around the globe in millions of e-mails in a question of hours.