The Most Unique Viruses of 2012

Posted by samzenpus
from the best-of-class dept.
Orome1 writes "PandaLabs outlined its picks for the most unique viruses of the past year. Rather than a ranking of the most widespread viruses, or those that have caused most infections, these viruses are ones that deserve mention for standing out from the more than 24 million new strains of malware that emerged."

  • Most Unique? (Score:4, Insightful)

    by Anonymous Coward on Thursday December 27, 2012 @09:40PM (#42408105)

    Shame on you Slashdot.

  • oh come on (Score:5, Interesting)

    by slashmydots (2189826) on Thursday December 27, 2012 @09:49PM (#42408159)
    Oh come on, where's the CD tray random timer open and closer from Lizard Works? Yeah it wasn't "made" in 2012 but it's still around and it's A LEGEND! lol.
    • Re:oh come on (Score:5, Interesting)

      by RedHackTea (2779623) on Thursday December 27, 2012 @11:42PM (#42408575)
      Just for fun. I don't know if this will compile (don't have a Windows machine near me at the moment).

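      #pragma comment(lib,"WINMM.LIB")
      #include <windows.h>
      #include <stdlib.h>
      #include <time.h>

      int main(int argc,char **argv) {
          mciSendString("OPEN CDAUDIO",NULL,0,NULL); /* open the CD audio device via MCI */
          for(srand(time(NULL));; Sleep(rand() % 600000)) { /* seed once, then sleep rand() % 600000 ms after each pass */
              mciSendString("SET CDAUDIO DOOR OPEN",NULL,0,NULL); /* eject the tray */
          }
          return 0; /* never reached: the loop has no exit condition */
      }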

      • mciSendString is an enormously valuable and deprecated API call that ties right into the Windows video codec stack. It has its legacy back in the 16 bit era, but I can't think of a better high level video API that is so simple, yet powerful. The mess comes from the COM interface being exposed so casually
      • Re: (Score:3, Informative)

        by jones_supa (887896)

        Seems to compile just fine.

        1>------ Build started: Project: silly, Configuration: Debug Win32 ------
        1> silly.c
        1>silly.c(8): warning C4244: 'function' : conversion from 'time_t' to 'unsigned int', possible loss of data
        1> silly.vcxproj -> silly.exe
        ========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========

    • by Anonymous Coward

      For anyone (not me) who has ever set their soda in front of their CD tray, this is a terrifying virus.

      I've done terribly stupid things in the past, such as knocking orange juice into a shut-off computer. But, that wasn't the stupid part. The stupid part wasn't fully checking to see if orange juice got into the cabling for the hard drive before turning it on.

  • At first, I was super excited by the headline and thought: "I hope they include these newly discovered python viruses [bbc.co.uk]!" Only to quickly realize the authors meant a different kind of Python...
    • by TheLink (130905)
      I wonder how much Python malware there is... I suppose if OS X ever gets enough marketshare someone might start writing malware in Python. Or perl? TIMTOWTDI for malware might be interesting - polymorphic perl malware using LWP, curl to fetch new instructions/payloads. Could be cross-platform and work on Linux and Unix as well.
      • Well considering the how to write a Linux virus in 5 easy steps [geekzone.co.nz] article uses Python and when I search for "Python malware" I get over 600,000 hits? There is probably plenty of Python malware already out there, it just doesn't get as much press as a Windows bug as it has a smaller target. But as long as there is the potential to make money on infected machines I'm sure that somebody will be targeting just about every combo of language and OS you can think of, no OS is immune to a targeted attack.

        Now that said I have to deal with some customers that are...sigh...can you say "click happy" and clueless? So after many hours of trying various combos on test boxes here at the shop I have come up with what I call my "foolproof Windows for fools" that makes the machines as solid as tanks and cuts the living hell out of the risk of malware. Basically, short of them going "Why yes, please infect my machine", which sadly I have had to deal with at least once, well, short of them going the extra mile to be super stupid you'll have a system that short of hardware failure won't be going anywhere. For those that want to know how, recipe is as follows:

        1. First make sure their software is all up to date and Windows is set to automatically download and install patches, otherwise they are likely to just ignore the patches and leave the machine vulnerable.

        2. Get a low rights mode browser with ABP, any Chromium based will do but I use Comodo Dragon [comodo.com] as it has privalert which will block all the tracking crap and you can choose to use Comodo Secure DNS in the browser only, this helps to block a LOT of infected websites from loading in the first place.

        3. For an AV I recommend either Avast Free or Comodo IS, both have their pluses. Avast AV is a little more "chatty" about what it's doing and I found some folks really like that, Comodo IS has built in sandboxing and is easy to configure for the actual user, so it's really up to you as both are quite good at stopping malware.

        4. Install FileHippo Update Checker [filehippo.com] and have it set to run at startup, it only uses a couple hundred KB of memory and will tell them when their third party software is out of date as well as provide links to the software, this keeps them from downloading "flash updates" and other dubious software updates. If the Hippo doesn't say it needs updating then it don't need updating.

        5. Finally you need to have a hidden backup and restore partition, just in case they ever manage to figure a way to get infected or if a family member comes over and trashes things. I am testing Paragon Drive backup for this role but since I haven't finished testing I'd have to go with Comodo Time Machine [comodo.com] but be aware it's no longer supported and I don't think it's been tested with Windows 8. That said the nice thing here is you can lock a snapshot with everything set up and all the third party software loaded so you have your own "OEM restore partition" without the trialware crap and it can also create snapshots on a schedule and be accessed if the machine can't even boot to desktop by just pushing the Home key. This way if they manage to somehow seriously screw up the OS a single push of the Home key and 20 minutes later they are back up and running.

        With these 5 little steps that take less than an hour all told you will have a machine you can let the most clueless users get a hold of and not have to worry about them borking the system. I have several "click happy" customers that have been on this system for over 2 years now and not a single bug, runs just as good as when I handed it to them. In fact I have only had to help one that has been on this system, she forgot to log off and her 16 year old niece got on after she left and did God knows what to the system so it wouldn't boot to desktop. 15 minu

  • real viruses (Score:4, Interesting)

    by vossman77 (300689) on Thursday December 27, 2012 @10:09PM (#42408243) Homepage

    I was disappointed to find out this was about computer viruses. Nothing in the description makes it relevant to computers until the word malware.

    The most unique biological viruses would be much cooler to look at than some stupid man-made computer virus.

    • by DavidClarkeHR (2769805) <david.clarkeNO@SPAMhrgeneralist.ca> on Thursday December 27, 2012 @10:16PM (#42408285)

      I was disappointed to find out this was about computer viruses. Nothing in the description makes it relevant to computers until the word malware.

      The most unique biological viruses would be much cooler to look at than some stupid man-made computer virus.

      ... Then why are you on Slashdot? You're essentially walking into a room of dwarves and proclaiming that it is a terrible place to discuss the 10 finest sparkling ice-wines this side of Faerun.

      • by pushing-robot (1037830) on Thursday December 27, 2012 @10:47PM (#42408401)

        I understand your point, but that is a rather misleading analogy, for Slashdot is widely known to be the best possible place to debate the 10 finest sparkling ice-wines this side of Faerun.

      • I am 6 feet tall and I drink Aberlour cask strength scotch, not some sissies Faerun's iced wine, you insensitive bastardish Canadian clod.
      • by mcgrew (92797) *

        The masthead doesn't say news for geeks, it says news for NERDS. There's nothing nerdier than science. Even though I was writing assembly thirty years ago I agree with the GP that the ten most unique* biological viruses would be far more interesting than the ten most unique pieces of malware.

        You're at the wrong site, you need to be at that juvenile site geek.com if you don't want all that icky sciency junk.

        * The title is brain-dead stupid. There is no such thing as "most unique".

    • by toygeek (473120)

      I'd suggest that maybe you're new here, but I think your UID is lower than mine.

      • by the_B0fh (208483)

        What's a lower UID supposed to show?

        • by timeOday (582209) on Friday December 28, 2012 @12:09AM (#42408673)

          What's a lower UID supposed to show?

          It really just depends. Too high, and you're a Johnny-come-lately with no sense of Slashdot lore. Too low smacks of moderate-to-severe Asperger's and probable basement dwelling. Really, the ideal UID is a bit over half a million.

        • by knarf (34928)

          What's a lower UID supposed to show?

          A smaller inhibition to giving up privacy and/or a larger urge to 'belong'? I only registered here when they started penalizing anonymous posters, until that time I was happy to discuss shop without having to show any ID.

        • by Trixter (9555)

          What's a lower UID supposed to show?

          Penis size XOR FFFFFFFF

    • I was disappointed to find out this was about computer viruses.

      That's nothing. I momentarily thought "Malware - now there's an apt metaphor for rogue DNA".

    • I agree! Considering the impact that life science will have on the coming decades, I want to see more biology in Slashdot.
  • No ZeroAccess?! I guess it could be argued that portions of ZeroAccess are/were designed with the BlackHole dev kit, but it blows my mind that something as sophisticated, stealth and widespread as ZeroAccess isn't on the list. The method of infection, its resilience/resistance to removal and use of the compromised workstation are pretty unique.

    I'm pretty sure that a large chunk of the malware on this list did not have file infecting variants or true "viruses".

  • There were some interesting ones.

  • by Riceballsan (816702) on Thursday December 27, 2012 @11:25PM (#42408525)

    "DarkAngle: A fake antivirus that poses as Panda CloudAntivirus. It takes advantage of the renown of Panda Security's free cloud antivirus to infect as many computers as possible."

    I hate to burst your bubble, Panda, but the average home user, i.e. the targets for these scams, haven't heard of your software. If I were to write a virus, with the goal of suckering the uneducated home user, my choices of mimicry would be: 1. Norton, 2. McAfee, 3. AVG, 4. Webroot, 5. CCleaner, 6. Ad-Aware, 7. MSE/Windows Defender, 8. Malwarebytes, 9. Bitdefender, 10. Trend Micro.

    This rating list has no impact on what is best, what AVs have the best or worst success rating, more what names I could imagine my less computer savvy friends and family hearing, and thinking "I've heard of this product before, it's probably legitimate". Panda is a fairly decent product, but far from a household name among typical non-geeks.

  • by DigiShaman (671371) on Friday December 28, 2012 @12:55AM (#42408851) Homepage

    My vote goes for the fake FBI warning screen that hijacks explorer.exe. It basically informs users that they have done something very illegal and must pay a "fine" to unlock the computer in the form of MoneyPak cards. Screenshot here [yoocare.com] (not my link, just found online as an example)

    BTW, you can remove this SOB using a bootable Kaspersky Rescue Disk [kaspersky.com]. It runs a form of Linux that will boot into an anti-virus desktop console. Assuming you have internet access, it will most likely contain NIC drivers to download the latest defs for you prior to the scan/removal process.

    Good luck!

  • Did anyone else notice the stealthy advertisement in the list?
  • The word virus refers to biological viruses, not computer viruses
  • You old-timers remember, the email that went:
    " Here's the DIY virus. All you have to do is 1) read this email, 2) send a copy to all your friends, 3) randomly delete files from the system directory"

  • An example of how not to mention Microsoft Windows in a discussion of malware ...
