
Most Web Users Safe As Major Net Attack Slows To Keyboard Logging

A computer virus designed to steal valuable information like passwords spread Friday through a new technique that converted popular Web sites into virus transmitters.

"This [attack] is only in the early stages," said Dunham, "and the IP address [for the Russian site] could easily be changed in future variants. Even as these hacker sites rise up and fall down, we still have the attack issue to deal with."

More attacks are probably in the offing because of the group behind the attack. "It looks like the HangUP Team out of Russia is doing this," he said. F-Secure, a Finnish anti-virus firm that's been aggressively analyzing the attack, also pegged HangUP as the most likely culprit.

HangUP, a for-profit malicious code-cutting group out of Russia, developed the backdoor Trojan horses that were uploaded to client systems exploited by Friday's attack. Those Trojans "are designed to steal credit card and other information that is then marketed to organized identity theft markets," said Dunham.

Dunham and others expect additional attacks because of HangUP's past practice with the Korgo worm, which the group is also suspected of writing. Korgo, now in its eighteenth variation, exploits the LSASS vulnerability in Windows, which was made public several months ago.

"It's highly likely that we'll see additional attacks, if, in fact, HangUP is behind this, because of the number of Korgo variants it's put out," said Dunham.
