
Duqu: Another World's "Most Advanced" Piece of Malware

Loredana BOTEZATU

October 24, 2011


Before Duqu, a multitude of e-threats claimed the award for the most innovative, most dangerous or most pervasive piece of malware in the wild. It is a game that malware creators have played with victims – the computer users – or with their arch-enemies – the AV industry – since computers were too large to fit in a regular room and were anything but “personal.” Here is a short recap of the most important e-threats, in reverse chronological order.

Malware History - the Timeline


Without a doubt, 2010 was known for the emergence of Stuxnet, the first piece of malware specifically designed to sabotage nuclear power plants. It can be regarded as the first advanced tool of cyber-warfare.

However, sophisticated malware has also been put to more “civilian” use. Back in 2008, social networking users befriended Trojan.Koobface, a piece of malware that used to spread via social platforms such as Facebook, Twitter and Hi5. Once infected, users would serve as both vectors of infection for other social network contacts and as human robots to solve CAPTCHA challenges for cyber-criminals, among other things.

If you were old enough to “drive” a computer back in 2004, you probably remember the MyDoom worm, a rapidly-spreading mass-mailer worm apparently commissioned by a spam group to automate sending of unsolicited mail via infected computers acting as relays.

1999 brought another game changer named Melissa, a mass-mailing macro virus, which managed to overload Internet mail systems to the point of shutdown. While most computer users knew they should be careful with exe files, they were completely unaware that opening a Word document would spread the worm to their e-mail contact lists.

The early 90s marked an important milestone for the traditional antivirus industry that was relying on string signatures to statically identify malware. The emergence of Chameleon, an e-threat actually able to mutate its code after each infection in order to trick AV scanners and evade detection, signaled that it was time for the industry to switch to more advanced defense technologies such as heuristics and sandboxing.

If you thought that Rootkit.Rustock and Rootkit.TDSS were packed full with novel technologies, you're in for a surprise. Boot sector malware has been around since 1986, when two Pakistani computer-shop owners created the Brain Boot Sector virus, a piece of harmless code that was able to camouflage its presence by tampering with the result of disk read requests.

Of course, this list could only end with the great-grandparent of the modern Trojan, the Pervading Animal game. Built on a Univac 1100/42 mainframe, the game had primitive artificial intelligence support and was complemented by a “software distribution routine” called PERVADE that would copy the game into the directories of other users of the Univac mainframe. Although the purpose was to allow other users to grab a copy of the game, this method of distribution is what we call today a “classic Trojan Horse attack”.

However, the history of malware – a term that we tend to associate with modern threats such as Bankers or keyloggers – is rife with incidents that allowed viruses to morph from innocent pranks to advanced military weapons. If you'd like to find out more about how malware grew in time, download this hi-res copy of the infographic or grab a copy of the Malware History whitepaper available in the Downloads section.

The malware timeline is available courtesy of Loredana Botezatu, Bitdefender E-Threat Analyst and Communication Specialist
