New security risk from Trojan horses

An emerging class of malicious code seeks out existing backdoors, doubling the risk of attack
Written by Matthew Broersma, Contributor

Home Windows users could be at risk from a new breed of malicious code that teams up with existing hacker tools, according to a security watchdog.

CERT Coordination Centre, run by Carnegie Mellon University in the US, is warning that home PCs running Windows are being placed doubly at risk by an emerging class of malicious program that works with well-known invasive tools like SubSeven.

SubSeven is a set of hacker tools that is also used as a Trojan horse, which allows an intruder to deliver malicious code to or take control of a user's computer. SubSeven is well-known, but now other programs are emerging that are designed to scan for the presence of SubSeven and use it to invade. In other words, users targeted by SubSeven may now also be hit by other, unrelated attacks, according to CERT.

The organisation cites W32/Leaves as an example of the new type of "malware".

A Trojan horse such as SubSeven can be used to damage the host computer or also to use the host in launching an attack on another machine, such as a denial of service attack, in which the aim is to overload a Web server so that it can't function.

CERT recommends installing and maintaining antivirus software and firewalls to deal with the risk.

Is your PC safe? Find out in ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards