thousands of personal computers worldwide Saturday morning by exploiting
a security flaw in a firewall program designed to protect PCs from
online threats, computer experts said. The "Witty" worm writes random
data onto the hard drives of computers equipped with the Black Ice and
Real Secure Internet firewall products, causing the drives to fail and
making it impossible to restart the PCs. Unlike many recent worms that
arrive as e-mail attachments, it spreads automatically to vulnerable
computers without any action on the part of the user. At least 50,000
computers have been infected so far, according to Reston, Va.-based
computer security firm iDefense and the Bethesda, Md.-based SANS
Institute. The firewalls were developed by Atlanta-based Internet
Security Systems. Chris Rouland, vice president of the company's X-Force
research and development division, said that as many as 32,000 corporate
computers could be infected. The company does not know how many home
users are infected. ISS released a patch and a detailed writeup of the
affected products.
Most infected computers will have to be rebuilt from scratch unless
their owners instead decide to buy new ones, said Ken Dunham, a computer
security expert at iDefense. "The thing looks like it will corrupt or
crash most drives enough so that reinstallation is going to be
required," he said. "This is a very destructive worm." Officials at the
Department of Homeland Security, which is in charge of the government's
cybersecurity efforts, were unavailable for comment. Internet worms,
viruses and other malignant software often install software or open
"back doors" that allow hackers to control infected computers. That
often gives them access to private data that people keep on their
computers, and allows them to use those computers to send out e-mail
spam that cannot be traced back to its real owner. The Witty worm is
different and in some respects more destructive because it renders the
computer useless...continued...."
Look for the story here:
http://www.securitynewsportal.com/index.shtml
Dammit..now the software that we install to protect against Worms and
malicious Trojan horses is itself being used for an attack.
-Gel
--
Incoming mail is certified Virus Free.
Checked by AVG Anti-Virus (http://www.grisoft.com).
Version: 7.0.225 / Virus Database: 262.5.7 - Release Date: 3/21/2004
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
