2009 brings worms and more worms

According to F-Secure, the biggest malware story of 2009 so far has been the Conficker (aka Downadup) worm. It is a classic worm exploiting vulnerabilities in Microsoft Windows, of the type that has not been seen in the past few years.

However, Conficker has advanced features such as heavy encryption, a peer-to-peer functionality meaning that infected computers can communicate with each other without the need for a server, and the ability to convert and update itself.

Conficker changed operation modes on April 1st, gaining front page media coverage world-wide. However, the gang behind the worm still took action with their botnet. The mystery continues.

Worming away on Facebook

Worms have also started using social networking. The latest variant of the Koobface worm spreading on Facebook steals your logon credentials for Facebook. It logs in, steals your picture and friends’ e-mail addresses, creates a fake YouTube page with your Facebook photo and then sends an e-mail to your friends saying they’ve been tagged in a video on YouTube.

Worms go mobile on smartphones

The first quarter was also historical as it saw the birth of the first SMS worm, Sexy View, designed for smartphones. Sexy View, like Koobface, is a social engineering worm which uses the contacts stored on your smartphone to spread. It sends a text message to your contacts telling them to check out some hot pictures and offers a link to a website.

Your contacts follow the URL because it came from you. They are asked to install an application, which now sends the worm to all their contacts. The worm sends the information about the phone to its makers who then use this information to send SMS spam.