safety first
fishboyAi | 09.06.2005 20:33 | G8 2005 | Culture | Health | Technology | London
potential computer virus disruption.. already dealt with.. dunno specifics though... heres the blah...
Triple virus wears down computer defences
16:43 06 June 2005
NewScientist.com news service
Will Knight
Related Articles
'Patient zero' pinpointed in PC-worm outbreak
27 May 2005
Trojan holds computer files to ransom
25 May 2005
Instant messaging falls prey to worms
14 May 2005
Search New Scientist
Contact us
Web Links
Glieder.AK, Computer Associates
Fantibag, Symantec
Mitglieder, F-Secure
A trio of computer viruses work together to knock out a PC's defences before turning machines into drones that hackers can control.
Anti-virus experts say the multi-stage strategy for infecting vulnerable computers could create a vast army of "zombie" machines capable of crippling commercial websites or churning out large quantities of spam email.
The viruses deliver a triple whammy - progressively breaking down a computer's defences rather than punching through them in one go. Analysts say the bugs could creep through defences gradually and warn that they represent an unprecedented convergence of "malware" - malicious software.
"It is a very deliberate strategy to disarm defences on a massive number of machines and quickly turn these into a zombie army," says Simon Perry, European vice president of security strategy at the US-based company Computer Associates.
Chain reaction
The first line of attack is a Trojan program called "Glieder" that arrives in an email and activates when a user double-clicks on the attachment - triggering a chain reaction designed to take the computer hostage.
Several new variants of Glieder were released in rapid succession on Friday in an effort to reach as many machines as possible, anti-virus companies say.
Once installed, Glieder tries to download two more programs from a long list of web addresses. This makes the computer more vulnerable to attack from the two follow-on Trojan programs.
The second Trojan, known as Fantibag, deactivates anti-virus and other security software and blocks access to security-related websites, opening up the computer to infection. The final bug, "Mitglieder", completes the attack by installing a program that can be used to control the machine remotely.
Anti-virus companies warn that the release of these cooperative programs is meant to generate an army of remote-controlled, or "zombie" PCs.
Hackers use zombie machines to extort money from commercial websites by threatening them with an overwhelming amount of web traffic, which would force them offline. Spammers also use these machines to send out spam that is much harder to block at source.
"There is definitely a criminal element behind the design and functionality of these viruses," Terry adds. "Zombie machines are sold on an underground equivalent of eBay."
16:43 06 June 2005
NewScientist.com news service
Will Knight
Related Articles
'Patient zero' pinpointed in PC-worm outbreak
27 May 2005
Trojan holds computer files to ransom
25 May 2005
Instant messaging falls prey to worms
14 May 2005
Search New Scientist
Contact us
Web Links
Glieder.AK, Computer Associates
Fantibag, Symantec
Mitglieder, F-Secure
A trio of computer viruses work together to knock out a PC's defences before turning machines into drones that hackers can control.
Anti-virus experts say the multi-stage strategy for infecting vulnerable computers could create a vast army of "zombie" machines capable of crippling commercial websites or churning out large quantities of spam email.
The viruses deliver a triple whammy - progressively breaking down a computer's defences rather than punching through them in one go. Analysts say the bugs could creep through defences gradually and warn that they represent an unprecedented convergence of "malware" - malicious software.
"It is a very deliberate strategy to disarm defences on a massive number of machines and quickly turn these into a zombie army," says Simon Perry, European vice president of security strategy at the US-based company Computer Associates.
Chain reaction
The first line of attack is a Trojan program called "Glieder" that arrives in an email and activates when a user double-clicks on the attachment - triggering a chain reaction designed to take the computer hostage.
Several new variants of Glieder were released in rapid succession on Friday in an effort to reach as many machines as possible, anti-virus companies say.
Once installed, Glieder tries to download two more programs from a long list of web addresses. This makes the computer more vulnerable to attack from the two follow-on Trojan programs.
The second Trojan, known as Fantibag, deactivates anti-virus and other security software and blocks access to security-related websites, opening up the computer to infection. The final bug, "Mitglieder", completes the attack by installing a program that can be used to control the machine remotely.
Anti-virus companies warn that the release of these cooperative programs is meant to generate an army of remote-controlled, or "zombie" PCs.
Hackers use zombie machines to extort money from commercial websites by threatening them with an overwhelming amount of web traffic, which would force them offline. Spammers also use these machines to send out spam that is much harder to block at source.
"There is definitely a criminal element behind the design and functionality of these viruses," Terry adds. "Zombie machines are sold on an underground equivalent of eBay."
fishboyAi