[Vision2020] Worm Strikes Down Windows 2000 Systems

Burt Sid sid.burt at gmail.com
Wed Aug 17 14:17:39 PDT 2005


It's spreading:

http://news.ft.com/cms/s/73b96c5c-0ea7-11da-9c92-00000e2511c8.html

Corporate computer networks suffer rash of viruses
By Kate Mackenzie in London and Scott Morrison in San Francisco
Published: August 17 2005 00:43 | Last updated: August 17 2005 20:19

Businesses on Wednesday rushed to secure computer systems as a rash of
competing viruses targeted corporate networks around the world running
some versions of Microsoft's software.

Companies affected included CNN, ABC News, the New York Times and the
Financial Times. Computers at DaimlerChrysler, Kraft and UPS were also
reported to have been infected by the worms, known by several names
including Zotob and Rbot.

"We have grouped them into four main families," said Mikko Hyppönen,
chief research officer at Finnish security software company
Datafellows. "They're even fighting with each other; some versions are
removing earlier versions. It seems like some fighting is going on
within rival virus writing gangs."

By Wednesday night 12 variants of the worm had been identified and Mr
Hyppönen said more strains would probably be released over the next
few days. However, the threat was expected to recede as companies
updated software.

The impact is thought, so far, to be less than from similar attacks by
Blaster in 2003 and Sasser last year.

"As people patch their systems and start to take precautions, [the
threat] will diminish," said Les Fraser, security spokesman for the
British Computing Society.

However, Ken Allan, partner at Ernst & Young, said the cost could run
into millions of pounds.

The rash of worms was prompted by Microsoft's publication last week of
details of a vulnerability in Windows 2000, Windows Server 2003 and
some versions of Windows XP. Microsoft frequently publishes details of
vulnerabilities in its software as soon as "patches" to fix the flaws
become available. However, virus writers are increasingly taking
advantage of the information before computer network administrators
have time to install the defences. The day after the vulnerability was
publicised last week an anonymous computer programmer, believed to be
based in Russia and using the name "houseofdabus", published a
computer code on the internet that made it easy for virus writers to
exploit the flaw. The first virus to use the software was published on
Sunday, and on Wednesday at least five more were released.

"Houseofdabus" is thought to be responsible for a similar piece of
code in early 2004 that led to the propagation of the Sasser virus.
While viruses were traditionally used by hackers to assert their
supremacy in "graphiti" style claims to fame, the past 18 months have
seen worms such as the Zotob variant, which allows an intruder to
control an infected computer, increasingly used by criminal groups for
sending spam e-mail or for fraud.


On 8/16/05, Tom Hansen <thansen at moscow.com> wrote:
> Thank God my machines run on Windows XP.
> 
> http://www.cnn.com/2005/TECH/internet/08/16/computer.worm/index.html
> 
> Tom Hansen
> Moscow



More information about the Vision2020 mailing list