New Web Worm Virus - Slapper!
17 September 2002, 02:25 PM
#1
http://news.bbc.co.uk/1/hi/technology/2263693.stm
A malicious web worm is travelling across the internet enrolling vulnerable machines into a network that some experts think will be used to attack high profile websites.
The Computer Emergency Response Team has issued a warning about the "Slapper" worm that has infected thousands of Linux web servers.
The worm exploits a known loophole in a popular security program and is slowly recruiting machines into its attack network.
Security experts are urging people to update software to close the loophole and check to ensure their machine has not been infected.
Huge network
The Slapper worm is targeting servers running the popular Apache software. This free Linux based program is by far the most widely used web server software.
The worm exploits a vulnerability in Apache servers running software called OpenSSL. Ironically, this is used to make web transactions secure.
The worm marks something of a departure for virus writers which typically target programs made by Microsoft.
Anti-virus firm F-Secure has inserted a dummy machine into the peer-to-peer network being created by Slapper and the company estimates that, so far, the worm has recruited more than 6,000 machines.
Experts speculate that the creator of the worm wants to build a large network of slave machines that can be used to trigger denial of service attacks. These flood target sites and servers with data hoping to knock them offline.
Potential threat
So far the worm seems content to build up its own network and has only been used to carry out one attack on a net service provider.
Security experts are divided on the threat that Slapper poses. Some fear that if all the recruited machines are activated they could launch devastating attacks.
But other anti-virus companies are reporting that none of their customers have been infected by the worm and say the threat it poses is low.
Like many other malicious programs, the worm is exploiting a vulnerability that has been known about for some while.
The loophole was first discovered in August and patches for it were posted soon after. Anyone using OpenSSL up to and including versions 0.9.6d or 0.9.7beta1 is strongly advised to upgrade to the newest version.
A malicious web worm is travelling across the internet enrolling vulnerable machines into a network that some experts think will be used to attack high profile websites.
The Computer Emergency Response Team has issued a warning about the "Slapper" worm that has infected thousands of Linux web servers.
The worm exploits a known loophole in a popular security program and is slowly recruiting machines into its attack network.
Security experts are urging people to update software to close the loophole and check to ensure their machine has not been infected.
Huge network
The Slapper worm is targeting servers running the popular Apache software. This free Linux based program is by far the most widely used web server software.
The worm exploits a vulnerability in Apache servers running software called OpenSSL. Ironically, this is used to make web transactions secure.
The worm marks something of a departure for virus writers which typically target programs made by Microsoft.
Anti-virus firm F-Secure has inserted a dummy machine into the peer-to-peer network being created by Slapper and the company estimates that, so far, the worm has recruited more than 6,000 machines.
Experts speculate that the creator of the worm wants to build a large network of slave machines that can be used to trigger denial of service attacks. These flood target sites and servers with data hoping to knock them offline.
Potential threat
So far the worm seems content to build up its own network and has only been used to carry out one attack on a net service provider.
Security experts are divided on the threat that Slapper poses. Some fear that if all the recruited machines are activated they could launch devastating attacks.
But other anti-virus companies are reporting that none of their customers have been infected by the worm and say the threat it poses is low.
Like many other malicious programs, the worm is exploiting a vulnerability that has been known about for some while.
The loophole was first discovered in August and patches for it were posted soon after. Anyone using OpenSSL up to and including versions 0.9.6d or 0.9.7beta1 is strongly advised to upgrade to the newest version.
Thread
Thread Starter
Forum
Replies
Last Post
Scott@ScoobySpares
Full Cars Breaking For Spares
55
05 August 2018 07:02 AM
oilman
Trader Announcements
15
01 October 2015 11:55 AM