Personal Tech Pipeline | E-mail Zombies Detonated By Chat And IM
<A HREF="http://as.cmpnet.com/event.ng/Type=click&amp;FlightID=48965&amp;AdID=81855&amp;TargetID=315&amp;Segments=115,1411,2549,2690,3108,3448,4751,6918&amp;Targets=315,2164,2625,2878,5028&amp;Values=34,46,51,63,77,85,90,100,140,203,222,227,442,645,646,659,1184,1405,1431,1716,1767,1785,1798,1901,1925,1935,1936,1945,1970,2217,2299,2310,2329,2352,2678,2787,2862,2878,2942,2956,3229,3347,3385&amp;RawValues=&amp;Redirect=http://www.thesmbadvantage.com" target="_top"><IMG SRC="http://i.cmpnet.com/ads/graphics/as5/ht/custom/HewlettPackard/WW/hsw_5011_CMP_728x90_ul.jpg" WIDTH=728 HEIGHT=90 BORDER=0></A>

White Papers

Sponsor Resources

WebCasts
Free Newsletter GlossaryContact UsAbout Us
Players & CamsPhones & PDAsHome & AutoOnline

August 17, 2005

E-mail Zombies Detonated By Chat And IM

Serious damage has been caused at enterprise sites including CNN, ABC, and The New York Times.

Courtesy of Messaging Pipeline

Reports are coming in from threat centers around the country that the Zotob virus continues to spread rapidly, and impact Windows XP computers on consumer and enterprise desktops. Reports have included serious service interruptions at CNN, ABC, the New York Times, and other places.

Dimitri Alperovithch, a research engineer at CipherTrust, says the Zotob virus is spreading faster than any virus he has ever seen. "It's the zombie effect," he says, "the Zotob virus is using zombie PCs that have been taken over by a hacker to spread a virus, very, very effectively." He noted that at one point today, more than 2000 zombies were part of the network that is spreading the virus. Meanwhile, the IMLogic Threat Center this morning reported that both the Zotob and IRCbot worms are using a chat channel to allow hackers to gain access and control of an infected machine. In a statement, the company said, "The rapid spread of these worms is illustrating the special problems posed by threats that can leverage real time data channels like IM."

The statement added that the worms are taking advantage of a Windows 2000, XP and Server 2003 vulnerability caused by a flaw in the Windows operating system which allows hackers to exploit the “plug and play” capability of the Windows system. The vulnerability can be exploited by an infected machine creating a denial of service attack on other vulnerable machines. By leveraging a chat channel, the initiating hacker gains access to a host machine, leveraging it to attack other networked machines.

Once successfully executed, the vulnerability allows a hacker to impact a number of systems, including stealing system info or the most damaging impact of forcing an infected computer into a continual reboot.

Initially rated a "low" risk by security industry threat centers, the rapid propagation of the Zotob and IRCbot worms has motivated providers to increase the risk level.

The worm appears to lay quiet on an infected machine until prompted into action by the hacker. The messaging channel opened up by the worm appears to await direction prior to disrupting system activity or propagating itself on the network.

E-mail This Story
Print This Story
Reprint This Story




More Information


Get the latest Personal Tech news, product info, and trends every week.


Related Content

  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Main RSS Feed
  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Blog RSS Feed



Keeping Up To Date On Enterprise Server Tech?
Review our compilation of columns on server security, database software, and Linux issues.
Unleash the Power & Opportunity of Grid Computing
Experts will identify trends in grid computing, provide
examples and examine solution options.
Using Current Performance to Shape
Future Results

Hear new strategies for improving business
performance and results.

Editor's Picks

Well, Microsoft has "unfolded" its "Origami" ultra-mobile PC platform Thursday. It turned out to be a full-featured PC smaller than a tablet but bigger than a PDA. Are you impressed?
Yes! I want one!
Sort of. We'll see.
No! It's too big for a pocket and too small for real computing. What's the point?


In search of personal tech products? See our new Product Finder, where you'll find personal computing devices, communications solutions, security products, and more.



PERSONAL TECH PIPELINE MARKETPLACE (sponsored links)
Transform your IT infrastructure with IBM
Successful CIOs see IT as a prime stimulus for business innovation-and themselves as key participants in a process that develops business and IT strategies in concert. Read an executive summary and register to download the full IBM paper.

Symantec Backup Solutions
Desktop to Data Center Protection. Explore the Official Symantec Site.

Block or Secure IM Use
IM threats up 250%. Protect your corporate network. Free Download.

Secure & Easy Console Management with Digi CM
The Digi CM console server provides secure, intelligent & easy access to network devices with a serial console port. With Digi CM, you can securely monitor & control servers, routers, switches & other devices even when your network is down.

Learn how much you save with open source.
Find out how much of a financial impact open source can have on your enterprise. Get these tools now, compliments of JBoss. Go!


Buy a Link Now


Top ten search terms from the TechWeb TechEncyclopedia
How does your pay rate? Check the InformationWeek Salary Survey
Mobilized Solutions Guide: Find and compare solutions for your business
Top Requested White Paper Categories from TechWeb White paper Library
Top ten search terms from the TechWeb TechEncyclopedia