New denial of service menace uncovered

Thousands of PCs are being turned into hosts capable of denial of service attacks

A new distributed denial of service threat, with the potential to disable large Web sites, has been uncovered by US computer security firm Network Security Technologies, the company said Friday.

Thousands of Trojan horse programs, which allow a computer to be covertly controlled and which are capable of launching denial of service attacks have been installed on personal computers worldwide as part of a co-ordinated project, according to the security company.

More than 2,000 personal computers, including machines within large corporations have been compromised, according to a spokesman for Network Security Technologies.

"The biggest concern is that this is allowing systems to be taken over," says vice president of marketing at Network Security, Joseph Newland. His company became aware of this activity when an internal computer was targeted.

"We allowed a sacrificial lamb to be taken over and were able to log communications," says Newland. "We saw compromised computers in the thousands. We saw corporations as well. Some in London."

Newland says that these computers have apparently been targeted with the intention of launching denial of service attacks. He also says that the FBI has begun an investigation based on his company's evidence.

Victims have apparently been targeted with a fake video attachment. This file appears to be an avi video file but actually has an executable (exe) extension. Once installed, the program attempts to download the Trojan horse program itself, which then communicates with two computers, in America and Canada.

A denial of service attack involves bombarding a computer with an overwhelming amount of fake communication data.

The distributed denial of service attack first emerged in February when it was used to render some of the world's largest Web sites, including CNN, Amazon and eBay inaccessible. The attacks caused controversy because they brought down such high profile Web sites and were particularly difficult to combat.

In the light of this years Denial of Service attacks and the ILOVEYOU virus John Dvorak worries that we ain't seen nothin' yet. Go with him to AnchorDesk UK for the news comment.

What do you think? Tell the Mailroom. And read what others have said.

Take me to Hackers

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All