Report: Mariposa, Stuxnet, MSNWorm Most Noteworthy Malware Of 2010
PandaLabs, Panda Security's anti-malware laboratory, close 2010 with a look at some of the unique and noteworthy viruses that have appeared over the last twelve months. The list of viruses is vast and varied, since in 2010, PandaLabs received more than 20 million new strains of malware.
This compilation does not contain the most prolific threats or those that caused the most infections, but is simply some of the viruses that caught PandaLabs' eye. The viruses that are included in the 'Virus Yearbook 2010' are:
- The Mischievous Mac Lover: This title was earned from a remote-control program with the unsettling name of HellRaiser.A. This virus only affects Mac systems and needs user consent to install on a computer. Once installed, it can take remote control of the system and perform a host of functions, including opening the DVD tray.
- The Good Samaritan: Bredolab.Y came disguised as a message from Microsoft Support claiming that a new security patch for Outlook needed to be installed immediately. Upon download, users were exposed to the SecurityTool rogueware, which told users their systems were infected and then offered a fake solution that many fell for and purchased.
- Linguist of the Year: MSNWorm.IE emerged as a virus that was distributed via MSN Messenger with a link tempting the user into viewing a photo. This virus was created in 18 languages and always featured an emoticon at the end ":D" of each note.
- The Most Audacious: The Stuxnet malicious code was designed to target SCADA systems, i.e. critical infrastructures. The worm exploits a Microsoft USB security hole and has the sole intention of silently manipulating the core of industrial control systems.
- The Most Annoying: Oscarbot.YQ was a virus that infected your computer and continually prompted a pop-up window to ask users, "Are you sure you want to close the program? Yes - No?" Regardless of how many times users would close the window the same screen would appear repeatedly.
- The Most Secure Worm: Clippo.A , a name that might remind some users of "Clippy," the Microsoft office assistant, is the most secure worm. Once installed on a computer, it password-protects all office documents. A user then can't open any documents without a password. There is no financial motivation for this worm, but it is yet another example of an annoying virus.
- A Victim of the Crisis: Viruses oftentimes mirror the state of the global economy. Typically, all ransomware (programs that block computers and demand a ransom to release them) demands a fee upwards of $300 to unblock a program. During the current financial crisis, however, PandaLabs discovered Ransom.AB, which was blocks the computer and asks for a mere $12 for a code to unblock it.
- The Most Economical: SecurityEssentials2010 was a virus that served as a fake counterpart to the official Microsoft antivirus product. Classified as adware, this acted like any other fake antivirus and alerted users to infections on their computers. Since the design and warning looked so authentic, many users were duped into buying the fake solution, making it one of the top 10 infections of 2010.
To close the yearbook for 2010, PandaLabs wants to also recognize the Mariposa (Butterfly) botnet as the insect of the year. Thanks to collaboration between Panda Security, the Spanish Civil Guard, FBI and Defense Intelligence, the botnet was dismantled in March and led to the arrest of its creators. Like a true insect, it fed on the nectar of other people's computers and flitting from one to another. In total, more than 1 million financial records were stolen using the Marioposa botnet.