Much-feared internet attack fizzles

CatoCooper13

New Member
Joined
Jun 18, 2003
Messages
6,441
Reaction score
4
Much-feared internet attack fizzles

AP - A feared internet attack resulting from a fast-spreading computer virus fizzled, as security officials said they contained it by identifying and blocking computers that were crucial to coordinating it.

Instructions written into the latest version of the Sobig virus, which began appearing on Tuesday, called for infected Windows machines to try to download a program that, until the attack began at 0500 AEST Saturday, had an unknown function.

Experts feared the program could have deleted files, stolen passwords or created rogue email servers for spreading junk email.

But Vincent Weafer, security director with Symantec Security Response, said that, when the appointed time came, all the virus did was visit a pornography site.

"There is nothing malicious - just a standard sex site," he said.


The attack began with the virus trying to reach one of at least 20 computers, mostly in the United States and Canada, to obtain information that was crucial to continuing.

Internet addresses written into the virus point to those computers being home machines connected through broadband services such as cable or DSL, said Chris Rouland, vice president for research and development at Internet Security Systems Inc.

It was unlikely the machines' owners knew that they had been chosen as accomplices, he said.

Anti-virus experts identified the computers, and persuaded their internet service providers to shut internet access to some of them.

Within minutes of the attack's beginning, researchers at Network Associates Inc, an anti-virus software vendor, were unable to reach any of the computers, said Craig Schmugar, a virus research engineer.

"It looks like this attack is averted," Schmugar said.

Other experts were able to reach only one of the 20.

Infected computers were programmed to keep trying every Friday and Sunday between 3pm and 6pm.

Mikko Hypponen, manager of anti-virusresearch with F-Secure Corp in Finland, said users should clean their computers using anti-virus software - anti-virus companies have issued free tools to do so - or turn off machines if they cannot run the disinfecting software.

Users with firewall programs could block UDP port 8998, which was the internet opening the virus used to communicate with the outside world.

Already, Sobig has resulted in email disruptions at several businesses, universities and other institutions. Sobig did not physically damage computers, files or critical data, but it tied up computer and networking resources.

Meanwhile, the New York Times asked employees at its headquarters to shut down their computers because of "computing system difficulties". A spokesman declined to discuss the type or scope of the problems but said that the newspaper would publish a Saturday edition.

Spokesman Toby Usnik declined to say whether a computer virus might be to blame.

Users get the Sobig virus when they click on attachments to email carrying such subject lines as "Details", "Approved", and "Thank you!".

One email company, MessageLabs Inc, has declared it the fastest email infection ever.

The Sobig outbreak came just one week after a virus known as LovSan and Blaster took advantage of a flaw in the Windows operating system to clog computer networks around the world.

The Blaster outbreak has started to subside, experts said.


©AAP 2003
 
I am not worry since I am use Mac... The vast majority of hackers and virus writers choose to focus their criminal efforts on the predominant platform, which is Windows.
 
weekend said:
I am not worry since I am use Mac... The vast majority of hackers and virus writers choose to focus their criminal efforts on the predominant platform, which is Windows.

Yeah, it is so obvious... :fart:
 
Last edited:
not worried i updated EVERYTHING when they were first announced and i have my warning prepared!
 
Back
Top