1. Computing

Malware Information

From Mary Landesman, your guide to Antivirus Software, common malware, security vulnerabilities that lead to infection, and other computer-related threats.

McAfee Labs Q4 Report
On March 10, 2014, McAfee released the McAfee Labs Threat Report: Fourth Quarter 2013, which highlights the role of dark web malware industry as the key enabler to the point-of-sales (POS) attacks and data breaches in the fall of 2013.

Advanced Evasion Techniques (AETs)
A new report by McAfee examines the controversy and confusion surrounding Advanced Evasion Techniques (AETs) and the role they play in Advanced Persistent Threats (APTs).

Top Cyber Threats for 2014
McAfee has kicked off its annual list of the biggest cyber threats anticipated to take effect in 2014. The following are McAfee’s Top Cyber Threats for 2014:

What is Creepware?

12 Cyber Scams of Christmas
McAfee released its annual 12 scams of Christmas list which outlines the most common scams cyber-criminals use during the holiday season.

Android Master Key Vulnerabilities
Master Key is a vulnerability within the Android security model that allows an attacker to turn any legitimate application into a malicious Trojan horse. The hacker accomplishes this by modifying the APK code without modifying the application’s cryptographic signature. The Android Application Package file (APK) is the file format used by Google’s Android operating system to distribute and install applications.

McAfee Labs Third Quarter Threat Report – Part 2
McAfee Labs researchers have released the third quarter threat report that highlights cyber threats and details common and new malware that has emerged during the third quarter.

Jay-Z’s Magna Carta Holy Grail Fake App
The Jay-Z’s Magna Carta Holy Grail Trojan horse app was discovered by McAfee Mobile Security. This Android Trojan horse hides within a pirated copy of the Jay-Z app. Samsung users were targeted because the legitimate app was released exclusively for Samsung devices on Google Play.

Hidden Administrator Apps
Hidden Administrator Apps

Black Hat SEO Poisoning
Black Hat SEO Poisoning is a technique used by cybercriminals to trick search engines, such as Google, Bing, and Yahoo, into ranking a malicious website high in the search engine results page. People land on these sites by entering certain keywords on search engines and clicking on rogue links from the compromised search results. This allows the attackers to have control of web traffic and enables them to lure users on to their infected sites.

Live Security Platinum
Like Disk Defender and MS Removal Tool, Live Security Platinum is a fake application that claims to scan for malware and reports false virus information. Live Security Platinum is a variant of the Win32/Winsebsec malware family that attempts to trick you into purchasing the fake antivirus software in order to clean your computer from the fake warnings it reports. Live Security Platinum may terminate processes and services and may modify your security settings in order to prevent your system from blocking its malicious attacks. Furthermore, it may block you from accessing certain websites.

iLivid Virus
The iLivid virus presents itself as a tool called "iLivid Free Download Manager." The virus tricks people into thinking that the application will assist with media downloads. Learn more about the dangers of iLivd.

Firefox Redirect Virus
Firefox Redirect Virus causes unwanted results by redirecting your Internet searches. Follow these steps to help you remove the Firefox Redirect Virus.

Fake Antivirus Software
Fake antivirus software will conduct false virus scans on your computer. Learn how to detect these threats.

Antivirus Software Technology
Threats are abundant with information systems. One nasty virus can cripple your machine, steal your personal information, and infect other devices. Protecting your computer from malware is perhaps the most important aspect of computer ownership. The first step in protecting your system is understanding how antivirus software operate.

TDSS aka TDL: A Botnet Framework
New renditions of the TDSS / TDL bot have some saying it's virtually indestructible. Certainly TDSS / TDL does present some unique challenges, as seen in this overview.

System Fix (aka SystemFix)
Though classified as scareware, System Fix may also download and install the TDSS rootkit, leading to even further malware infections on affected computers.

Bredolab
Bredolab is a downloader trojan that is used by attackers to distribute a wide range of malware, often scareware but also including variants of Zeus/Zbot backdoor trojans.

Website Compromises at UNC Chapel Hill
Web pages across UNC Chapel Hill sites are compromised.

WildList Virus Descriptions
F-Secure simplifies the WildList by linking descriptions to the names of the viruses reported to be in the wild. Updated monthly.

MACDefender aka Mac Protector: Scareware for Mac
MACDefender is a scareware program designed to trick Mac users. Usually, MACDefender is delivered via the Web, often via tainted search engine results. While scareware has long plagued Windows users, it's a relatively new threat for Mac users.

Bugs, Mice, and Antivirus
What you've learned from real life pest control can also be applied to antivirus software protection.

Virus Information Library
The McAfee AVERT Virus Information Library includes detailed information on viruses as well as popular hoaxes and myths.

Blackhole Exploit Kit
The Blackhole exploit kit is a framework for delivering exploits via compromised or third-party websites. Most notable for its sophisticated Traffic Direction Script (TDS), the Blackhole exploit kit enables attackers to configure rules that enforce custom responses.

Virus Analyses
One very long list of just some of the viruses detected by Sophos.

BlackHole RAT
BlackHole is a remote administration tool (RAT) that, used maliciously, can also serve as a remote access trojan. The BlackHole RAT can be used on either Mac OS X or Windows computers, and enables a remote attacker to perform potentially malicious actions on the victim's computer.

The WildList
Compiled from various reporting agencies and individuals. Listing all viruses actually causing active infections worldwide, the wildlist is updated monthly.

Panda Virus Descriptions
From the makers of Panda Antivirus, an encyclopedia searchable by name, category or family. The database is prefaced by an introduction to computer viruses and a handy glossary of terms.

Computer Virus Info
From F-Secure, an alphabetized database of virus descriptions. Search by exact name or keyword.

StarLogger Keylogger
StarLogger is commercial monitoring software that records keystrokes and captures screenshots. Captured data is sent via email to designated recipients. On March 30, 2011, it was reported that Samsung installed the StarLogger keylogger on laptops sold through retail stores.

Hoaxes and Myths
Though not a virus, hoaxes and myths can still cause downtime and loss of productivity due to unwarranted panic. Rob Rosenberger maintains a plethora of information concerning these non-threatening threats.

Common Botnets
A botnet is a collection of compromised (infected) computers under the collective control of remote attackers. The malware on the infected computer is known as a bot, a type of backdoor or remote access trojan (RAT). Here is a collection of the most common botnets.

AVP's VirusList
So comprehensive, it might be somewhat difficult to navigate. Well worth the effort, AVP delivers the definitive virus encyclopedia.

Stuxnet, Winsta.exe, and Cover-ups
Stuxnet is - without dispute - the most important malware in history. It would be nice if for once the industry (including vendors and journalists) would put their self-interests on hold, would stop trying to save face, and would instead delve into the truth of Stuxnet so at least we have the real facts.

Asprox Botnet
The Asprox botnet was originally a botnet used primarily to deliver phishing scams. In 2008, the Asprox botnet began employing the bots to discover and use SQL injection on vulnerable Active Server pages on weakly configured websites.

Gumblar Botnet
Gumblar, known in Japan as Geno, is a unique botnet - it not only creates a botnet of compromised PCs, it also backdoors compromised websites enabling continued remote access and manipulation.

AntiVirus Research Center
Timely and searchable information concerning viruses currently in-the-wild and even those that are not.

Virus Encyclopedia
From your Antivirus.About.com guide, an encyclopedia of virus and hoax descriptions. Includes PC, Macintosh, Unix, Active Content, and Wireless infectors.

Sobig.E worm
The Sobig.E worm spreads via email. The Sobig.E worm attachment is a ZIP file.

Koobface Botnet
Koobface spreads through social networking sites, most prevalently through Facebook. Generally, Koobface relies on social engineering in order to spread. The Koobface message is designed to trick recipients into clicking through to a fraudulent website and either (a) enter their Facebook (or other social networking) credentials or to accept the installation of malware disguised as a video codec o…

IRCsome McVeigh Video a RAT
Alleged movie of Timothy McVeigh execution really the Subseven remote access Trojan.

Zeus Botnet
Zeus, often spelled ZeuS, is a crimeware botnet typically engaged in data theft. Zeus is also often referred to as Zbot. Zeus is not a single botnet nor a single trojan, but rather refers to an entire family of trojans and their respective botnets.

Homepage Virus
Also known as Homepage, this e-mail worm was discovered in the wild on May 8th, 2001

Storm Botnet
The Storm bot is a backdoor component that allows remote surreptitious access to infected systems. The Storm-infected computers (collectively, the Storm botnet) are outfitted with a spam relay component (to send spam through infected computers) and a peer networking component (to enable the remote attackers to communicate with the bot infected computers).

Klez Help Center
The Klez virus uses a variety of techniques to fool and aggravate users

Mariposa Botnet
Mariposa is Spanish for butterly. In computer lingo, Mariposa is a botnet created by the Butterfly bot kit. Mariposa is typically spread via instant messaging, peer-to-peer file sharing networks and as an autorun worm.

Bofra.A worm exploits SHDOCVW.DLL flaw
Bofra.A worm exploits SHDOCVW.DLL flaw

Waledec
Waledec, also spelled Waledac, is the name of a botnet used to relay malicious spam. The Waledec distributed spam often consists of fraudulent greeting cards and breaking news events.

Sober.I worm
Sober.I is a mass-mailing email worm that sends itself in both German and English, depending on the infected users' operating system language. Sober.I uses is own SMTP engine to send itself to email address found on infected systems, spoofing the From address.

CDC / H1N1 Vaccination Scam Infects Victims
Attackers are sending email disguised as correspondence from the Centers for Disease Control (CDC). The email claims an H1N1 vaccination registration is required. Those who comply with the request won't be registering with the CDC - instead they will be infecting their computer with a version of the Banker trojan

MakeLOVEnotSPAM mask worn byTrojan
Dubbed TrojanDropper.FakeSpamFighter and Troj/Mdrop-IT, the Trojan masquerades as the Lycos infamous MakeLOVEnotSPAM screensaver

Remove SecurityTool Scareware
securitytool scareware rogue scanner process explorer safe mode registry editor securitytool rogue scareware regedit blocked task manager security tool

Zafi.D worm spreads Christmas fear
A new variant of the Zafi worm, dubbed Zafi.D, sends itself as a Christmas greeting - in a variety of languages depending on the recipient's domain.

Fear-Based Reporting: Have You Been a Victim?
Fear sells. Whether intentional or otherwise, this can sometimes work to the advantage of the media and the disadvantage of consumers. Have you ever been influenced by fear-based reporting, only to find out later that the reports were wrong?

A stocking full of coal: Multiple flaws in Windows could lead to compromise
Ever wonder what Bill Gates gets for Christmas? This year, the Chinese security firm VenusTech delivered three new Windows exploits just in time for the holidays.

Conficker: More Conflict than Worm
Barely a week after the 60 Minutes April Fools' Conficker doomsday update failed to materialize, the closely watched Conflicker.C did finally manage an update. And in an ironic twist, the worm itself debunks much of the hype surrounding it.

Lovgate.W worm
A mass-mailing email and filesharing worm, Lovgate.W also contains backdoor capabilities

PowerPoint Zero Day Vulnerability In-the-Wild
Microsoft has released Security Advisory 969136 warning of a newly discovered zero day PowerPoint vulnerability. The flaw impacts PowerPoint versions found in Windows versions of Office 2000, 2002, 2003, and Office 2004 for Mac.

MyDoom.AM hijacks HOSTS
MyDoom.AM is a mass-mailing email and P2P filesharing worm that modifies the HOSTS file to prevent infected users from accessing certain antivirus vendor sites.

60 Minutes, Conficker, and April's Fool
Is the Conficker worm set to detonate some evil payload on April 1st? According to 60 Minutes, it seems so. Here's the non-FUD behind the Conficker worm.

Bagle.AY worm
Bagle.AY is a mass mailing email and P2P filesharing worm with backdoor and downloader capabilites. As with previous variants and most modern email worms, the worm uses its own SMTP engine to spread via email and the From address is spoofed.

Downadup.AL aka Conficker.B Worm
Downadup.AL aka Conficker.B is a network worm that spreads via autorun, dictionary attacks on weakly protected network shares, and by exploiting the vulnerabilities described in MS08-067. The worm disables services related to automatic updates, error reporting, the Windows Security Center service, and the Windows Defender service. To prevent access to protection and removal tools, the worm also b…

Bagle.AZ worm
Like Bagle.AY, Bagle.AZ is a mass mailing email and P2P filesharing worm with downloader capabilites.

Autorun Worms: How to Remove Autorun Malware
Autorun worms spread from USB/thumb drives as well as fixed and mapped drives. Autorun worms typically drop or download additional malware, usually backdoors and password stealers. Here's how to remove an autorun worm.

Troj/BagleDl-L
Troj/BagleDl-L is a Trojan, not a worm, and does not contain mass-mailing capabilities. However, Troj/BagleDl-L was mass-spammed via email during the morning of March 1st, 2005.

Sality Virus
Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web.

Bagle.BE worm
Discovered on March 1, 2005 in conjunction with several mass-spammed Bagle-like Trojans, Bagle.BE arrives in an email with a blank subject line

Winthb 'Virus' Tied to Backdoor Trojans
A family of backdoor and autorun trojans are working together to plague users. One symptom that may appear - the drive volume name and icon may be changed. The more insiduous aspects of the infection are far more silent and may be overlooked when users attempt manual removal.

Kelvir IM worms
Three new IM worms, Kelvir.A, Kelvir.B, and Kelvir.C were discovered by antivirus vendors on March 6th and 7th, 2005.

A Storm of Scary Email
In recent weeks, a rash of spam has been sent that bear much resemblance to the all-too-familiar tactics of the Storm botnet.

Crog IM worm
The Crog worm edits the system registry to lower security settings, modifies the HOSTS file to redirect access to various security sites and shuts down processes associated with various security software.

Most Damaging Malware
All malware is bad, but some types of malware do more damage than others. That damage can range from loss of files or total loss of security. This list (in no particular order) provides an overview of the most damaging types of malware.

Sober.P worm threatens
Discovered May 2, 2005, Sober.P (also known as Sober.O) is a mass-mailing email that sends itself in either German or English language, depending on the intended recipient's domain.

Easily Remove the MonaRonaDona 'Virus'
The MonaRonaDona 'virus' is a self-advertised 'virus' that isn't even a virus at all. It's a non-replicating program (i.e., a Trojan) that loads when Windows is started, changing the Internet Explorer title bar to read MonaRonaDona and displaying a message which blocks access to your legitimate running programs.

Firefox flaws rated extremely critical
Firefox flaws rated extremely critical

What is JS/Psyme (and How to Get Rid of It)
Many users have experienced repeated warnings of infection by Psyme each time they open their browser. Depending on the antivirus in use, the name given in the warning may be any of the following: Downloader.Psyme (Symantec), Troj/Psyme (Sophos), Trojan.VBS.KillAV (Kaspersky), TrojanDownloader.VBS.Psyme (CA),Trojan.Downloader.JS.Psyme (Kaspersky), VBS/Petch.A (F-Prot), VBS/Psyme (McAfee)

Sober hangover begins
The Sober.P worm abruptly stopped its mass-mailing at midnight GMT on May 9th, presumably entering its second stage of infection.

What is the Storm Worm?
The so-called Storm worm is actually not a worm, but rather a family of Trojans that typically include a backdoor, SMTP relay, P2P communications, email harvester, downloader, and often a rootkit.

Sober.P turns to spam
The Sober.P worm has morphed into a spam Trojan, sending politically-charged messages from infected systems.

U.Z.A. O/S Eliminator Worm
The so-called "U.Z.A. O/S Eliminator" worm appears to have originated in Maldives sometime in late July or early August 2007. The worm exploits the autorun feature, enabling it to spread from removable USB/thumb drives to other computers.

Prevent the Mytob worm
The Mytob variants are mass-mailing email worms that compromise system security by terminating processes related to various antivirus software and modifiying the Registry to disable the XP SP2 firewall.

Freedom / Outlaw Worm
The Freedom 'virus' is a worm that infects local and USB drives, disables access to Task Manager, Registry Editor and other system utilities, and may try to delete MP3 files found on infected systems. Here's how to clean it.

Mytob.AR
Discovered May 30, 2005, Mytob.AR is a mass-mailing email worm that compromises system security by terminating processes related to various antivirus software, disabling the XP SP2 firewall, and modifying the HOSTS file to prevent access to antivirus updates and certain other websites.

Trojan.MeSpam Makes You the Spammer
Instead of relying on bots to do the dirty work, Trojan.MeSpam makes you the culprit. Once infected, every forum post you make, every webmail you send, and every blog comment you leave will also deposit a link pointing to a nefarious website.

Mytob.BI worm
Discovered May 31, 2005, Mytob.BI is a mass-mailing email worm that compromises system security by terminating processes related to various antivirus software, disabling the XP SP2 firewall, and modifying the HOSTS file to prevent access to antivirus updates and certain other websites.

Rinbot Worm Prompts Repeated Denials
Is Rinbot the little worm that isn't? Or is it simply the worm that no one wants to acknowledge exists? Here's a timeline of this "non-threat".

Michael Jackson suicide spam a Trojan
Malware authors eager to capitalize on the Michael Jackson trial have been sending booby-trapped spam messages claiming the pop-singer has attempted suicide.

Storm Worm
The Storm worm spreads via email, using a variety of subject lines and message text that may masquerade as news articles or other current events.

AIM worm impersonates iTunes app
IM worms continue to expand their repertoire of social engineering tricks. W32/Olameg-net, a.k.a. Opanki.Y and AIM/Megalo, installs itself to the Windows System directory as itunes.exe, presumably trying to disguise itself as the popular Apple iTunes application.

Skype Chatosky Worm: Friend or Foe?
Thanks to the Chatosky worm, I uncovered some things about the Skype service that I might not otherwise have known.

Agent.AD Trojan nabs headlines from London attacks
Just hours after BBC published a news report titled "London attackers 'meant to kill'", the Agent.AD Trojan email stole the headline and part of the copy, using it as a ruse to entice victims into opening its infected attachment.

5 Ways to Keep Your PC Safe from Suspicious.Emit
Suspicious.Emit; computer virus; new computer viruses; malware; Prevent Suspicous.Emit

What is Sirefef Malware?
Sirefef; ZeroAccess; computer virus; new computer viruses; malware; Prevent Sirefef

Qspace Javascript Worm Targets MySpace Users
MySpace users are yet again a victim of another targeted attack. Dubbed JS_QSPACE.A by antivirus vendor Trend Micro and JS.Qspace by Symantec, the Javascript worm exploits a cross-site scripting (XSS) vulnerability embedded in a malicious Quicktime .MOV file.

Kelvir Instant Messenger (IM) worm
The most prevalent IM worm is Kelvir family of worms that target MSN Messenger users.

Rontokbro aka Brontok Worm
A mass-mailing email worm that also spreads via USB and thumb drives, the Rontokbro worm - also know as Brontok - takes a multifacted approach to defy detection and removal.

IM Worms Pose Signficant Threat
Since January 1, 2005, at least 358 descriptions have been published for specific IM threats.

Stuxnet Worm
Stuxnet is a computer worm that targets the types of industrial control systems (ICS) that are commonly used in infrastructure supporting facilities (i.e. power plants, water treatment facilities, gas lines, etc).

How does the Stuxnet worm spread?
Stuxnet is a computer worm that targets the types of industrial control systems (ICS) that are commonly used in infrastructure supporting facilities (i.e. power plants, water treatment facilities, gas lines, etc). Often, these devices are not network or Internet connected. So how does Stuxnet get to these devices?

Is Stuxnet Really Targeting Iran?
There has been no shortage of claims that Iran was the intended target of the Stuxnet worm. But the reality is, these claims are completely unfounded. Here are a few of the true facts behind Stuxnet.

Stuxnet: The Unglamorous Truths About the Stuxnet Worm

The Stuxnet worm targets industrial control systems - the types of systems that control nuclear power plants, water treatment facilities, and other critical infrastructure. The serious nature of the Stuxnet worm had led to no end of speculation, finger-pointing, and ultimately to confusion about what exactly the Stuxnet worm is all about.

Stration Email Worm
Stration is a mass-mailing email worm that attempts to download a file from a remote server. The worm may inject itself into certain running processes, potentially causing it to bypass firewalls or other security software.

First Sony PSP Trojan
PSP.Brick impacts the Sony PSP game console, flashing critical system files and rendering the console unbootable. The newly discovered PSP.Brick isn't technically a virus - it's a Trojan. But the news surrounding PSP.Brick could be described as a polymorphic virus - it spreads fast and the story changes with each reporter it infects.

Stration Worm
Stration is a mass-mailing email worm that may attempt to download files from a remote server.

Alleged Botnet Creators Arrested
Dutch police have announced the arrests of the alleged author of W32.Toxbot and two alleged accomplices.

VML FUD FAQ
There's a lot of misinformation being disseminated around the recently discovered VML vulnerability. Here's an attempt to address those misconceptions and alleviate some of the fears.

Sony Rootkit Strikes Sour Note
If you've purchased a Sony-labeled music CD since March 2005 and used it on your PC, chances are it installed a rootkit that can be easily exploited by virus writers.

Zero-Day VML Vulnerability Impacts IE, Windows
A zero-day vulnerability in the Windows implementation of Vector Markup Language (VML) impacts all supported versions of Internet Explorer, all supported versions of Microsoft Windows 2003, Windows XP, and Windows 2000, and recent versions of Outlook and Outlook Express.

Sony President Defends Rootkit
the President of Sony BMG's Global Digital Business, Thomas Hesse, defends Sony's installation of a rootkit by declaring, "Most people, I think, don't even know what a Rootkit is, so why should they care about it?"

Are You in a Botnet?
With 12 million infected systems under their control, botnet operators are controlling a population rougly the size of Guatemala. In fact, the number of infected systems would place it at about 70 out of 230 sovereign states and territories worldwide.

Slapper worm gets facelift: Linux Lupper worm, aka Plupi and Lupii
The Linux Slapper worm has been given a facelift and this time BBS admins and web bloggers are the target. The new worm has been given a half dozen new names, including Linux/Lupper worm Linux.Plupi, Backdoor.Linux.Smal, ELF_LUPPER.A and Exploit.Linux.Lupii.

Popular Antivirus Apps *Do* Work
The more a story gets told, the more the original story gets changed by each new storyteller. Sometimes, the story gets so far removed from the original, that the entire intent of the story is lost and new intent construed. Such is the case with the story of antivirus effectiveness, which was recently put through the spin cycle, wrung out, and reformed by Charlie White, editor of the Gizmodo gadget blog.

Sony Stinx Trojan
The Sony Stinx Trojan exploits the Sony DRM cloaking technology (aka rootkit) installed by music CDs published by Sony after March 2005. This allows the malware to be hidden from view - effectively masking its presence even from most antivirus scanners. The Sony Stinx Trojan installs an IRC Backdoor Trojan that allows remote access to compromised PCs, downloads other malware, and disables the Windows XP firewall.

McAfee Downplays Security Flaws
Vulnerability researchers at eEye Digital uncovered serious flaws in McAfee security products that could allow attackers to gain remote control of affected systems.

Sober.R Worm
Sober.R arrives in an email message that may be in either German or English language, depending on the recipient's domain.

Yahoo worm: JS/Yamanner
An early-morning report on a security mailing list led to the discovery of Yamanner, a mass-mailing email worm that impacted Yahoo webmail users.

sober.s Worm
sober.s arrives in an email message that may be in either German or English language, depending on the recipient's domain.

Gamblers Lose Big with Free Tool
Every successful gambler knows how to handle a certain amount of risk, and how to minimize their losses. But a free tool that promised to help gamblers get the most out of the game turned out to be a Trojan that scammed them out of their winnings.

Sober.T Worm
Sober.T arrives in an email message that may be in either German or English language, depending on the recipient's domain.

Hoot Worm Preys on Company
It seems a disgruntled employee targeted their enterprise with a worm that causes pictures of a rather odd looking owl to print on nearly 40 printers specific to the targeted firm.

Sober.U Worm
Sober.U arrives in an email message that may be in either German or English language, depending on the recipient's domain.

Nugache Worm
Nugache is a worm that may spread via email, IM, or P2P networks.

Sober.X Worm Description
Sober.X is a mass-mailing email worm that sends itself in either English or German depending on the recipient's domain. In addition to mass-mailing, Sober.X terminates processes related to various antivirus and security programs.

Ransomware: Trojans demand money from victims
Having your computer infected with a virus or other malicious software is upsetting enough. But over the past year, a new type of attack promises to be even more disconcerting. Dubbed ransomware, this new attack infects the system, encrypts the files, and then demands payment from its victims.

WMF Image Handling Exploit
A serious vulnerability in Windows Fax and Picture Viewer can allow remote attackers to use .WMF image files to gain control of your system.

QuickBatch Trojan Targets the Blind
There is no such thing as a good virus, but some viruses are more despicable than others. Case in point, the newly discovered W32/QuickBatch.G!tr Trojan that specifically targets members of the blind community.

2001: Year of the Virus
Detecting email-borne viruses every 18 seconds, MessageLabs calls 2001 The Year of the Virus

Bagle worm variant warns: 'Lawsuit Against You'
Bagle worm variant that spreads via email and fileshares/P2P networks warns of 'Lawsuit Against You'

2002: Virus Writers Contribute to SPAM
The year 2002 ushered in a new era of malicious marketing code

Nyxem aka Blackmal worm
Discovered on January 17, 2006, the Nyxem worm has a dangerous payload that executes on the 3rd of each month, overwriting files with specific extensions.

2003: Year of the Black Sheep
It seems appropriate that the Chinese dubbed 2003 as the Year of the Black Sheep. Among other things, the sheep is a symbol of untidiness - and from a virus standpoint, the year was indeed a mess.

2005: Top Ten Malware Events
Here's the best and worst of 2005 from a malware perspective.

AntiVirus Research Center
Timely and searchable information concerning viruses currently in-the-wild and even those that are not.

AVP's VirusList
So comprehensive, it might be somewhat difficult to navigate. Well worth the effort, AVP delivers the definitive virus encyclopedia.

Hoaxes and Myths
Though not a virus, hoaxes and myths can still cause downtime and loss of productivity due to unwarranted panic. Rob Rosenberger maintains a plethora of information concerning these non-threatening threats.

Computer Virus Info
From F-Secure, an alphabetized database of virus descriptions. Search by exact name or keyword.

Panda Virus Descriptions
From the makers of Panda Antivirus, an encyclopedia searchable by name, category or family. The database is prefaced by an introduction to computer viruses and a handy glossary of terms.

The WildList
Compiled from various reporting agencies and individuals. Listing all viruses actually causing active infections worldwide, the wildlist is updated monthly.

Virus Analyses
One very long list of just some of the viruses detected by Sophos.

Virus Information Library
The McAfee AVERT Virus Information Library includes detailed information on viruses as well as popular hoaxes and myths.

WildList Virus Descriptions
F-Secure simplifies the WildList by linking descriptions to the names of the viruses reported to be in the wild. Updated monthly.

What is Malware?
A detailed explanation of malware, which includes viruses, trojan horses, logic bombs, spyware, worms, and rootkits.

©2014 About.com. All rights reserved.