As has become tradition, PandaLabs, the anti-malware laboratory of Panda Security -The Cloud Security Company- has published its 2009 Virus Yearbook, reviewing the malicious codes that have appeared over the last 12 months and examining those that have stood out for one reason or another.
Rather than a ranking of the most widespread viruses, or those that have caused most infections, PandaLabs has selected those which, either for their use of social engineering or their visible effects on computers, stood out most last year. For this reason, some of the more well-known malicious codes (such as the Koobface virus) are absent from the list.
So here are the viruses we believe deserve a mention:
– The biggest headache. There can be no doubt that Conficker.C has been the most obnoxious virus over the last 12 months. It first appeared on December 31, 2008, and has spent the last year causing serious infections to companies and home users alike. The insidious and tenacious nature of this malicious code has earned it first place in our ranking.
– The Harry Potter of viruses. Although there is no reference to the world’s most popular fictional wizard, the on-screen messages Samal.A displays are all about magic. When it infects a computer, users will see the message “Ah ah you didn’t say the magic word” (see photo on Flickr), and the cursor then flickers waiting for users to enter a word. The truth is, it doesn’t matter what is entered, because after three attempts, the phrase “Samael has come. This the end” (see photo on Flickr), will be displayed and the computer is restarted.
– V for Vendetta. We still don’t know who is the real target of this vendetta, but DirDel.A wreaks vengeance on infected users, progressively replacing folders in different directories with copies of itself. The worm is carried in a file called Vendetta.exe with a typical Windows folder icon (see photo on Flickr).
– Plane nuisance. The Sinowal.VZR Trojan has infected thousands of computers under the guise of plane tickets supposedly purchased by the user (see photo on Flickr).
– The all-action virus. We are talking about Whizz.A. Once infected, computers will start emitting a series of beeps, the mouse pointer moves uncontrollably around the screen, the CD/DVD tray opens and closes, while the screen is ‘decorated’ with a row of bars like those in the image below (see photo on Flickr).
– The snooper. Waledac.AX ensnares its victims by claiming to offer a free application for reading SMS messages on anyone’s cell phone. Ideal for those that want to check up on their partners. Perhaps that’s why so many users fell victim to this intelligent virus.
– The most affectionate. BckPatcher.C tops this category, as it changes the desktop wallpaper to an image reading “virus kiss 2009” (see photo on Flickr). What a charmer!
– A touch of the sniffles. We couldn’t fail to mention here a couple of the viruses, WinVNC.A and Sinowal.WRN that used the widespread alarm surrounding swine flu to trick users and infect their systems.
– And the award for incompetent newcomer goes to… Ransom.K. This Trojan encrypts documents on infected computers, and then asks for a $100 ransom to release them. However its creator, probably lacking in experience, included a programming error which allows users to release the files with a simple key combination.
– The most deceitful. This year, the winner in this category is FakeWindows.A, which infects users by passing itself off as a license activation process for Windows XP.
– The party animal. Banbra.GMH arrives in an email promising photos of Brazilian parties (with dancing girls included)… Who could resist?
More information about these and other threats is available at Panda Security.