China warns about return of destructive Panda virus
IDG News Service - A computer worm that China warned Internet users against is an updated version of the Panda Burning Incense virus, which infected millions of PCs in the country three years ago, according to McAfee.
The original Panda worm, also known as Fujacks, caused widespread damage at a time when public knowledge about online security was low, and led to the country's first arrests for virus-writing in 2007. The new worm variant, one of many that have appeared since late 2006, adds a malicious component meant to make infection harder to detect, said Vu Nguyen, a McAfee Labs researcher.
"It has gotten more complex with the addition of a rootkit," said Nguyen. "It definitely makes it more challenging for users to clean up and even to know that their systems have been compromised."
A rootkit burrows into a system to try to hide the existence of malware.
The first Panda worm gained fame in China for switching the icons of infected files with an image of a panda holding three incense sticks. The same image would also flash across a victim's screen, but the worm's final goal was to install password-stealing Trojan horses. The worm infected millions of PCs, according to Chinese state media. Its author was ordered to write a removal tool for the worm and later sentenced to four years in prison.
China's national virus response center warned about the updated worm earlier this week, but it dubbed the virus Worm_Piloyd.B and did not link it to Panda. The center said it had found a worm spreading online that infected executables and html files. The worm blocked a victim's PC from restoring infected files, turned off active antivirus software and directed the machine to Web sites to download Trojan horses and other malware, the center said. The center urged Internet users to step up defense on their PCs against unknown viruses.
The new worm is unlikely to hit as many PCs as the first one. Chinese companies and Internet users are much more aware of malware than they were a few years ago, partly because of the wake-up call brought by the first Panda worm, said Nguyen.
As in other countries, cybercrime looks increasingly professional in China and labor is often divided along the production chain from virus design to the sale of stolen information. Chinese police are rushing to keep pace and cybercrime arrests have become more common in the country. Police in central Hubei province recently took six suspects into custody for building and selling viruses and attacking victims with a botnet, Chinese state broadcaster CCTV said this week. The group made over 2 million yuan (US$290,000) in about six months from their activities, the report said.
Separately, a Shanghai court this week sentenced a man to six months in prison after his Internet company spent the equivalent of $17,500 to launch a denial-of-service attack on a rival's servers, according to local media. The man's company, iSpeak, paid for the use of a botnet to attack rival Duowan.com, reports said. A botnet is a network of malware-infected PCs that an attacker can order to repeatedly contact a target server all at once, overwhelming the machine with requests for information and essentially shutting it down.
China officially had 338 million Internet users at the end of June, more than the population of the U.S.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Live Webcast Unmasking the Differences between Consumer and Enterprise File Sync & Share The consumerization of IT combined with the rapid pace of the modern mobile workplace is forcing enterprise IT teams to evaluate file sync...
- Live Webcast Government Agency Webifies Outdated COBOL Applications Let this CTO tell you how his agency converted 1980s-era green screens into an e-filing portal for the 100,000 cases handled each year...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the... All Applications White Papers | Webcasts