First Half of 2008's Most Bizarre Malware

By Matthew Hines  |  Posted 2008-07-17 Print this article Print

Anti-virus specialist Panda Security has issued a listing of the most unique and unusual malware specimens that its researchers uncovered during the first six months of 2008.

And much like the crowd of basement-dwelling, fashion-defying miscreants that likely created many of the code samples, the list is populated by some truly strange and perplexing examples.

It would seem that like the range of threats existing on the malware ecosystem today, the broad diversity of nefarious innovation on display among the listed threats is bounded only by the limits of human and technological creativity.

So, without further ado, enjoy the freakish sampling of malware mutations as recognized by PandaLabs.

And the honors go to:

Creepiest: MalwareProtector2008 and AdvancedXpFixer -- a pair of malware packages featuring "virtual roaches" that slowly eat the desktops of victimized systems in an attempt to convince them to download security software (what novel marketing!).

Cleanest: Tixcet.A -- a worm virus that wipes the hard disks of the computers it subverts.

Top "kidnapper": PGPCoder.E -- a ransomware program that encrypts files on infected machines and demands payment to give them back.

Most romantic: Nuwar.OL, Nuwar.QI and Valentin.E -- these Storm Worm and Valentin.E variants targeted the affectionate and lovelorn in trying to dupe recipients.

Most informative: Romeo.C -- this malware program serves up real live breaking news headlines to users while secretly subverting their systems.

Top "imposters": Manclick.A, Manclick.B and Manclick.C -- these multistaged attacks pose as legitimate applications while affecting system services and spoofing phishing bank pages that try to collect confidential user info.

Most deceitful: FakeDeath.A -- this worm virus announced the death of Cuban President Fidel Castro while silently infecting systems in the background.

Most apocalyptic: RenameLoi.A -- this worm predicts the end of days by spamming users with messages about the Antichrist and Judgment Day.

Coolest pig: MSNWorm.EI -- this attack displays a picture of a makeup-wearing pig whilst carrying out its nefarious payloads.

Noisiest: BeepBeep.A -- hardly stealthy, this threat taunts affected users with a stream of grating audio cues.

What the second half of '08 will bring, one can only imagine.

Until then enjoy the piggy picture and beep-beep noises while those roaches eat your desktop that carries all those interesting news items, at least the ones you can read around the virtual roaches.

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWEEK and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel