HACKERS PLAN TO DENY CHRISTMAS WITH TROJAN ZOMBIES. Copyright 2000 VNU Network News November 22, 2000 Internet security researchers have warned that hackers are planning to launch internet-based Denial of Service (DoS) attacks on web retailers over the Christmas period. Internet Security Systems (ISS) said that many hundreds of computers are infected with so-called zombie agents, which would allow hackers to commandeer the machines and cripple the servers by flooding sites with a huge number of spurious requests. However, the company warned that only 10 per cent of online retailers are prepared to deal with attacks of this type, which were responsible for bringing down high-profile sites such as Yahoo and eBay in February this year. Chris Rouland, director of X-force, a counter-hacker group at ISS, warned that the current spread of Trojans parallels the events that occurred prior to the attacks. "These tools are likely to be used over the Christmas period against online retailers who are not prepared to deal with them," he said. "If you said 10 per cent were prepared, it would be a liberal estimate." X-Force, whose members infiltrate hacker gangs to get intelligence on the digital underground, has discovered over 800 computers infected with the SubSeven DEFCON8 2.1 backdoor, a variation of the SubSeven Trojan. This has been distributed on Usenet newsgroups with file names such as 'SexxxyMovie.mpeg.exe'. The group has determined that individuals are using this network of compromised hosts to test new distributed DoS (DDoS) methods and strategies. Alarmingly, fresh versions of the Stacheldraht and Trinity DDoS attack tools, earlier versions of which were the chief weapons deployed during the attack on eBay and other sites, are also spreading. The tools were detected in corporate networks, as well as in personal computers with high-speed network connections which would magnify their potential effectiveness. A number of techniques have been suggested to defend against DoS attacks since they first occurred, some involving configuring internet routers to block such attacks. However, the effectiveness of these remains unproven. Network managers should put security policies in place and deploy technologies, such as intrusion and virus detection, to prevent becoming unwitting agents in attacks, Rouland advised. -- archive: http://theMezz.com/cybercrime/archive unsubscribe: [EMAIL PROTECTED] subscribe: [EMAIL PROTECTED] url: http://theMezz.com/alerts ___________________________________________________________ T O P I C A http://www.topica.com/t/17 Newsletters, Tips and Discussions on Your Favorite Topics