ISS customers targeted in worm attack

By

A malicious worm is targeting customers of IT security firm Internet Security Systems (ISS).

The worm, Witty.A, exploits a hole in the firm's firewall products, such as RealSecure and BlackICE, and, experts report, is similar to the Blaster virus, which caused millions of dollars worth of damage last year.


The worm is designed to spread by itself without traveling via emails or attachments. It has the potential to delete and overwrite random sectors of hard drives.

ISS responded to the threat by issuing a patch and issued a statement on its website that read: "The Witty worm uses hard-coded addresses and only has the ability to infect certain builds of the Protocol Analysis Module (PAM). The Witty worm is destructive to the target system, and overwrites key hard disk sectors after sending out its payload. The junk data written to disk may impact system stability and cause a 'blue screen' to occur upon reboot."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

First npm worm "Shai-Hulud" released in supply chain attack

First npm worm "Shai-Hulud" released in supply chain attack

"VoidProxy" PhishKit targets Google and Microsoft users

"VoidProxy" PhishKit targets Google and Microsoft users

Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip

Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise

Log In

  |  Forgot your password?