Top five malware of 2012

Even as operating systems and software developers try to make their products more secure, the threat from trojans, worms and other forms of malware is more real than ever. The social networking space seems to be under attack but the ones that really annoy and disrupt our work are the traditional computer viruses. Files are infected, PCs slow down and your PC may be used to bombard another site or infect other PCs. With the recent Flashback virus which infected Macs across the world, it’s clear that no OS is safe. What’s worse is that most of us aren’t even aware about the threat and there are many of them. The past few months have seen quite a few new malware being released. Here’s a list of the most powerful malware of 2012. 

Flame 

Russian security firm, Kaspersky Lab recently uncovered a massive cyber attack codenamed ‘Flame.’ The malicious program was detected as Worm.Win32.Flame and is believed to have been operational since 2010. On infecting a system, Flame begins with its set of complex operations, which is inclusive of sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and even monitoring the display. The information is then sent to a network of command-and-control servers located in many different parts of the world. The first instance of the malware's activities was detected in Iran and the other countries affected by it are Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt. The malware has been collecting private data from these countries. Describing it as "one of the most complex threats ever discovered," the research into the attack had been carried in conjunction with UN's International Telecommunication Union. Also being investigated is another malware threat, called Wiper that has been deleting data in western Asia. However, although Flame has done no evident damage, it has been actively collecting very critical data.

Flame is said to be the most advanced and complete attack-toolkits ever discovered. It has hit more than 600 targets ranging from individuals to businesses and government systems. This new malware code is said to be 20 times larger than Stuxnet and the Flame package of modules is reportedly huge at 20 MB when completely deployed. Flame is called huge, because it includes libraries, like zlib, libbz2, ppmd for compression and sqlite3 for database manipulation, along with a LUA (a scripting language) virtual machine. Many parts of Flame have high order logic written in the scripting language with effective attack subroutines and libraries compiled from C++.

Image source: Getty Images

Flame has been termed as a backdoor, a trojan, and has worm-like features. It is capable of replicating in a local network and on removable media as well. Flame first sniffs network traffic, takes screenshots, records audio conversations via microphone, compresses it and sends it back to the attacker, and intercepts the keyboard. After the initial Flame malware infecteds a system, more modules are added to perform specific tasks, just like adding apps to a smartphone. With Flame, there are chances that it could be the most powerful virus ever. 

trojan.Win32.Generic

One of the most rigid viruses ever, trojan.Win32.Generic basically works like a destructive program.  It uses software vulnerabilities towards giving a remote hacker access to the affected computer. It works via a backdoor and carries out multiple tasks once installed. This has been of the most widely spread trojans in recent times, occupying a total of 35.1 percent from amongst the top ten thread detections for January this year.  Basically, the trojan has the capability to make the computer completely useless by modifying system configuration data and other Windows registries.

trojan.Win32.Generic is more threatening than INF.Autorun, which has infected a lot of devices in recent years. This trojan was listed in the top Ten malware of February 2012 and the percentage of infections rose to 30.93 percent in malware of March 2012, according to GFI. The best prevention steps include enabling firewall settings and keeping your computer well updated.