[ISN] New hacker attack uses screensavers

From: cult hero (jerichoat_private)
Date: Sun May 30 1999 - 02:25:56 PDT

Next message: cult hero: "[ISN] ICSA - Certified Sites and Criteria Issues (reply)"

Previous message: cult hero: "[ISN] Feds Fend Off HACK3RZ"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.news.com/News/Item/0,4,37180,00.html?st.ne.fd.tohhed.ni

New hacker attack uses screensavers
By Erich Luening
Staff Writer, CNET News.com
May 28, 1999, 8:20 a.m. PT

A new Trojan horse program sent by a hacker over the Internet via an email
spam format as a screensaver could allow PCs to be accessed by
unauthorized users. 

BackDoor-G Trojan horse is considered a potentially dangerous new Trojan
horse program that could allow hackers to remotely access and control
infected PCs over the Internet, according to network security and
management software maker Network Associates. 

BackDoor-G affects Windows-based PCs. When executed, BackDoor-G turns a
user's system into a client system for a hacker, giving virtually
unlimited remote access to the system over the Internet. The Trojan also
is virtually undetectable by the user, although it has been reported as
spreading as a screensaver and an update to a computer game. 

The program is the latest in a string of new hybrid security threats that
blur the line between viruses, security exploits, and malicious code
attacks, the company said. 

BackDoor-G is difficult to detect because it is able to change its
filename and therefore hide from some traditional virus eradication
methods such as simply deleting suspicious files. 

Though BackDoor-G is not technically a virus, Network Associates advises
PC users to request an update for both their antivirus and
intrusion-detection software from their system administrators. 

Sal Viveros, group marketing manager for Total Virus Defense at Network
Associates, said the company has received a few dozen samples of the
attack since midmorning yesterday. 

"There is no one file name it uses," he said. "It spreads everywhere in
the system. 

"There is a trend here. We're seeing more and more programs that are
stealing information or creating holes to get access to systems remotely,"
Viveros added. 


-o-
Subscribe: mail majordomoat_private with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]

Next message: cult hero: "[ISN] ICSA - Certified Sites and Criteria Issues (reply)"
Previous message: cult hero: "[ISN] Feds Fend Off HACK3RZ"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:24:06 PDT