Swift virus writers wheel out one-week worm

By on

Hackers have created a worm that exploits Microsoft vulnerabilities, including one that was only announced last week.

The Zotob.A and Zotob.B viruses are network worms, in the style of last year's virulent Sasser strain, rather than email worms that have recently been more popular.

"The key thing here is these worms are exploiting a brand new vulnerability," said Graham Cluley, senior technology consultant at antivirus company Sophos. "Although we haven't seen a vast number we do expect it to cause problems for unpatched versions of Windows 2000. It will be interesting to see how many company's have completed the patch process."

Zotob is not expected to affect Windows XP SP2 but may infect unpatched versions. Once a PC is infected it can be taken over by a remote hacker or used as part of a botnet.

"I don't think it's the return of the network worm because the network worm never went away," said Cluley. "Email worms hit the charts because they are easier to count. Over the last year we've seen a number of successful worms that don't spread by email, like Rbot and now Zotob."

Microsoft was recently the centre of another viral storm when SC reported how the Monad virus had been created with the sole aim of attacking the upcoming Windows Vista operating system. Microsoft responded by claiming the vulnerable software affected by the virus will not be included in the first release of Vista.

www.sophos.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?