[ISN] Xtra admits password thefts

From: mea culpa (jerichoat_private)
Date: Tue Nov 24 1998 - 09:39:19 PST

  • Next message: mea culpa: "[ISN] Group Test - Firewalls - Make Your Network Safer"

    Forwareded From: "Prosser, Mike" <Mike_Prosserat_private>
    Tuesday November 24 
    Xtra admits password thefts 
    Telecom security investigates Xtra tie-in with Ihug attack
    By Russell Brown - AUCKLAND 
    Only days after issuing a press release talking up its security, Xtra has
    admitted that attacks using the trojan horse program Back Orifice have
    seen customer passwords stolen. 
    Although Xtra has been dealing with Back Orifice infestations on customer
    PCs for months, it opened a page for "anti-virus information" this
    morning, apparently in response to press queries about password theft
    using the program. 
    The Back Orifice scare may not be the last upset for Xtra. Telecom
    security staff have been working with management at the Internet Group to
    investigate a claim that the attacks on the Ihug homepages machine was
    carried out from a static IP address under the control of Xtra. Results of
    the investigation are expected later today. 
    Although this morning's New Zealand Herald claims that a hacker has
    acquired the passwords of "hundreds" or Xtra customers, the company's new
    page says it "believes this type of virus to be responsible for the
    attacks on the connection user names and passwords of two of our
    If Back Orifice is downloaded and inadvertently executed on a Windows 95
    or 98 PC, it allows the attacker full remote access to the machine. Files
    can be viewed, modified, and deleted, passwords stolen and hard drives
    Xtra is not the only local ISP dealing with Back Orifice infestations -
    most have customers who have suffered. 
    The Xtra help site includes links to background material on Back Orifice
    and to AntiGen, a free program from the US company Fresh Software that
    cleans up the virus but does not prevent future infestations.
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:12:08 PDT