China warns about return of destructive Panda virus
IDG News Service - A computer worm that China warned Internet users against is an updated version of the Panda Burning Incense virus, which infected millions of PCs in the country three years ago, according to McAfee.
The original Panda worm, also known as Fujacks, caused widespread damage at a time when public knowledge about online security was low, and led to the country's first arrests for virus-writing in 2007. The new worm variant, one of many that have appeared since late 2006, adds a malicious component meant to make infection harder to detect, said Vu Nguyen, a McAfee Labs researcher.
"It has gotten more complex with the addition of a rootkit," said Nguyen. "It definitely makes it more challenging for users to clean up and even to know that their systems have been compromised."
A rootkit burrows into a system to try to hide the existence of malware.
The first Panda worm gained fame in China for switching the icons of infected files with an image of a panda holding three incense sticks. The same image would also flash across a victim's screen, but the worm's final goal was to install password-stealing Trojan horses. The worm infected millions of PCs, according to Chinese state media. Its author was ordered to write a removal tool for the worm and later sentenced to four years in prison.
China's national virus response center warned about the updated worm earlier this week, but it dubbed the virus Worm_Piloyd.B and did not link it to Panda. The center said it had found a worm spreading online that infected executables and html files. The worm blocked a victim's PC from restoring infected files, turned off active antivirus software and directed the machine to Web sites to download Trojan horses and other malware, the center said. The center urged Internet users to step up defense on their PCs against unknown viruses.
The new worm is unlikely to hit as many PCs as the first one. Chinese companies and Internet users are much more aware of malware than they were a few years ago, partly because of the wake-up call brought by the first Panda worm, said Nguyen.
As in other countries, cybercrime looks increasingly professional in China and labor is often divided along the production chain from virus design to the sale of stolen information. Chinese police are rushing to keep pace and cybercrime arrests have become more common in the country. Police in central Hubei province recently took six suspects into custody for building and selling viruses and attacking victims with a botnet, Chinese state broadcaster CCTV said this week. The group made over 2 million yuan (US$290,000) in about six months from their activities, the report said.
Separately, a Shanghai court this week sentenced a man to six months in prison after his Internet company spent the equivalent of $17,500 to launch a denial-of-service attack on a rival's servers, according to local media. The man's company, iSpeak, paid for the use of a botnet to attack rival Duowan.com, reports said. A botnet is a network of malware-infected PCs that an attacker can order to repeatedly contact a target server all at once, overwhelming the machine with requests for information and essentially shutting it down.
China officially had 338 million Internet users at the end of June, more than the population of the U.S.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- Increase IT Performance from the Enterprise to the Cloud with WAN Optimization Massive consolidation and data mobility, enabled by virtualization, have radically altered how we build servers, design applications, and deploy storage for the emerging...
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Video Stream Quality Impacts Viewer Behavior This scientific white paper, using statistical data from Amakai's streaming network, analyzes how changes in video quality cause changes in viewer behavior.
- Service-Enabling CICS Applications: Best Practices This informative webcast provides an informed, thorough look into CICS service-enablement options and how they can affect your environment. You'll learn how to... All Applications White Papers | Webcasts