http://www.informationweek.com/story/IWK20010517S0005
Virus Targets NSA's Echelon While experts agree that the writers who recently crafted a variant of the ILOVEYOU Outlook worm may not spread infections very far, its reason for existence may get the attention of the National Security Agency. According to antivirus software maker Sophos Inc., which described the virus Wednesday in an alert at http://www.sophos.com/virusinfo/analyses/vbsloveletcl.html, only one incident has been reported so far. As with most recent worms, this one, named VBS/LoveLet-CL, requires Microsoft Outlook and attempts to send itself to every address in an infected computer's address book. The worm doesn't offer a really compelling reason to click the attachment. The subject line reads "!!!" and the body of the E-mail reads ": - ) MuCuX..." and carries the attachment echelon.vbs. Most Internet users may be unaware that the National Security Agency runs project Echelon, which purportedly aims to eavesdrop on phone calls, fax transmissions, and E-mails containing certain key words, and people whose computers are infected with this virus won't see the slew of text hidden within the executable. According to Sophos, the file is packed with keywords. The keywords seem to be designed to attract the electronic ears of Echelon's spy satellites, likely with the hopes of overloading the system. Keywords include NSA, PGP, cia, yemen, toxin, DEA, smuggle, spook, words, nitrate, and boobytraps. The authors, going by the monikers Extirpater and beyin, also call for other hackers to "fl00d" Echelon. Fl00d is hacker-speak for a denial-of-service attack. Many people may wonder why virus writers unleash their destruction on others' digital property. And the only clue from these two virus writers is their question to the NSA: "Why are you using echelon type stupid things to listen around . . .?" -- George V. Hulme |