From; Panda Oxygen3 24h-365d: "Nothing endures but change." Heraclitus (540-480 BC); Greek philosopher. - (III) The evolution of computer viruses - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, May 13 2004 - Today's edition of Oxygen3 24h-365d, describing how viruses have evolved over time, will look specifically at how the Internet and e-mail changed the propagation techniques used by computer viruses. Internet and e-mail revolutionized communications. However, as expected, virus creators didn't take long to realize that along with this new means of communication, an excellent way of spreading their creations far and wide had also dawned. Therefore, they quickly changed their aim from infecting a few computers while drawing as much attention to themselves as possible, to damaging as many computers as possible, as quickly as possible. This change in strategy resulted in the first global virus epidemic, caused by the Melissa worm. With the appearance of Melissa, the economic impact of a virus started to become an issue. As a result, users -above all companies- started to become seriously concerned about the consequences of viruses on the security of their computers and, in turn, antivirus applications became commonplace. This also brought about a new challenge for virus writers, who now had to slip past this layer of protection and persuade users to run infected files. The answer to which infection strategy would be the most effective came in the form of a new worm: Love Letter, which used a simple but effective ruse that could be considered a type of social engineering. This strategy involves inserting false messages that trick users into thinking that the message includes anything, except a virus. This worm's bait was simple: it led users to believe that they had received a love letter. This technique is still the most widely used. However, it is closely followed by another tactic that has been the center of attention lately: exploiting vulnerabilities in commonly used software. This strategy offers a range of possibilities depending on the security hole exploited. The first malicious code to use this method were the BubbleBoy and Kakworm worms. These worms exploited a vulnerability in Internet Explorer by inserting HTML code in the body of the e-mail message, which allowed them to run automatically, without needing the user to do a thing. Vulnerabilities allow many different types of actions to be carried out, including dropping viruses on computers directly from the Internet -such as the Blaster worm. For further information about these and other computer threats, visit Panda Software's Encyclopedia at: http://www.pandasoftware.com/virus_info/encyclopedia/ NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1)Netsky.P; 2)Sasser.ftp; 3)Qhost.gen; 4)Briss.A; 5)Netsky.D. ------------------------------------------------------------ *********** MIKE"S REPLY SEPARATOR *********** Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member