[ISN] New hacker attack uses screensavers

From: cult hero (jerichoat_private)
Date: Sun May 30 1999 - 02:25:56 PDT

  • Next message: cult hero: "[ISN] ICSA - Certified Sites and Criteria Issues (reply)"

    http://www.news.com/News/Item/0,4,37180,00.html?st.ne.fd.tohhed.ni
    
    New hacker attack uses screensavers
    By Erich Luening
    Staff Writer, CNET News.com
    May 28, 1999, 8:20 a.m. PT
    
    A new Trojan horse program sent by a hacker over the Internet via an email
    spam format as a screensaver could allow PCs to be accessed by
    unauthorized users. 
    
    BackDoor-G Trojan horse is considered a potentially dangerous new Trojan
    horse program that could allow hackers to remotely access and control
    infected PCs over the Internet, according to network security and
    management software maker Network Associates. 
    
    BackDoor-G affects Windows-based PCs. When executed, BackDoor-G turns a
    user's system into a client system for a hacker, giving virtually
    unlimited remote access to the system over the Internet. The Trojan also
    is virtually undetectable by the user, although it has been reported as
    spreading as a screensaver and an update to a computer game. 
    
    The program is the latest in a string of new hybrid security threats that
    blur the line between viruses, security exploits, and malicious code
    attacks, the company said. 
    
    BackDoor-G is difficult to detect because it is able to change its
    filename and therefore hide from some traditional virus eradication
    methods such as simply deleting suspicious files. 
    
    Though BackDoor-G is not technically a virus, Network Associates advises
    PC users to request an update for both their antivirus and
    intrusion-detection software from their system administrators. 
    
    Sal Viveros, group marketing manager for Total Virus Defense at Network
    Associates, said the company has received a few dozen samples of the
    attack since midmorning yesterday. 
    
    "There is no one file name it uses," he said. "It spreads everywhere in
    the system. 
    
    "There is a trend here. We're seeing more and more programs that are
    stealing information or creating holes to get access to systems remotely,"
    Viveros added. 
    
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: OSAll [www.aviary-mag.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:24:06 PDT