Computer viruses become hacker informants

An emerging breed of computer virus that keeps hackers informed about the latest weaknesses in computer networks has been discovered by security experts.

The viruses infect a computer network, scan for security vulnerabilities and then report back to hackers through an internet chatroom.

Armies of computers infected with "bot" viruses are routinely controlled via a chatroom connection. Typically these machines are used to knock a website offline with a "denial of service attack" or as a conduit for sending out spam email.

However, the ability of some bots to scan their hosts for unpatched security holes and report their findings back to hackers has gone largely unnoticed until now.

The emerging class of malware or malicious software - known as vulnerability assessment worms - "phone home" to allow hackers to fine-tune further attacks or perhaps even target an individual PC within a network.

This pernicious form of program is just one of a growing number of new viruses identified each month, says computer security expert Bruce Schneier.

"The virus trend doesn't look good," Schneier writes in the June 2005 edition of the Association for Computing Machinery journal, Queue. "More than a thousand new worms and viruses were discovered in the last six months alone."

Schneier cites the worm SpyBot.KEG, discovered in February 2005, as one of those in the vanguard of the vulnerability assessment worms. It reports the nature of vulnerabilities back to its author via an Internet Relay Chat (IRC) channel - a type of online chatroom.

Schneier expects newer IRC worms to emerge with even more complex vulnerability-exploiting behaviours. And he expects to see peer-to-peer file-trading networks becoming a major launch pad for new viruses.

Schneier's firm, California-based Counterpane Internet Security, monitors more than 400 corporate networks around the world and defends these against attack.

Kevin Hogan, senior manager at Symantec's Security Response division in Dublin, Ireland, says that the volume of new viruses is so vast because the source code for many programs is posted online, allowing anyone to make their own variant.

"As soon as a new vulnerability is apparent in a server, someone can modify a bot to exploit it," Hogan says. "So the bot tells the hacker which machines on a network are vulnerable and it can be ordered to attack a host PC or a whole set of hosts, turning them into spam relays perhaps, or harvesting credit card numbers from their hard drives."

Hogan says that good firewall defences will prevent hackers from communicating with bots. And he says IRC has proved the downfall of many a botnet operator. Once the genuine IP address of the IRC channel host is known, tracking the hacker is not too difficult. "IRC is how they work, but it's also the Achilles heel of the botnet," he says.
