[Politech] WashingtonPost.com on evil new "Phatbot" hacking tool

From: Declan McCullagh (declan@private)
Date: Wed Mar 17 2004 - 23:59:27 PST

Next message: Declan McCullagh: "[Politech] Move over Sherman Austin: it's time to jail librarians [fs]"

Previous message: Declan McCullagh: "[Politech] Politech gathering in San Francisco at 7 pm on Wed March 10"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-------- Original Message --------
Subject: post.com on new hacking tool
Date: Wed, 17 Mar 2004 12:44:03 -0500
From: Robert MacMillan <robert.macmillan@private>
Organization: washingtonpost.com
To: declan@private

Declan - thought this might interest the politechies...

http://www.washingtonpost.com/wp-dyn/articles/A444-2004Mar17.html

Hackers Embrace P2P Concept

Experts Fear 'PhatBot' Trojan Could Lead to New Wave of Spam or
Denial-of-Service Attacks

By Brian Krebs
washingtonpost.com Staff Writer
Wednesday, March 17, 2004; 6:23 AM

Computer security experts in the private sector and U.S. government
are monitoring the emergence of a new, highly sophisticated hacker
tool that uses the same peer-to-peer (P2P) networking abilities that
power controversial file-sharing networks like Kazaa and BearShare.

By some estimates, hundreds of thousands of computers running
Microsoft's Windows operating system have already been infected
worldwide. The tool, a program that security researchers have dubbed
"Phatbot," allows its authors to gain control over computers and link
them into P2P networks that can be used to send large amounts of spam
e-mail messages or to flood Web sites with data in an attempt to knock
them offline.

The new hacker threat caught the attention of cyber-security officials
at the U.S. Department of Homeland Security, prompting the agency to
send an alert last week to a select group of computer security
experts. In the alert, the agency warned that Phatbot snoops for
passwords on infected computers and tries to disable firewall and
antivirus software.

A copy of the DHS alert was made available to washingtonpost.com by
two sources at different companies who asked that their identities not
be used because they did not want to risk losing access to future
government alerts. Officials at the department and US-CERT -- a
government-funded cyber-security monitoring agency -- confirmed that
the message was genuine.

Phatbot is "a virtual Swiss Army knife of attack software," said
Vincent Weafer, senior director of security response at Cupertino,
Calif.-based Symantec Corp.

[etc...]

_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)

Next message: Declan McCullagh: "[Politech] Move over Sherman Austin: it's time to jail librarians [fs]"
Previous message: Declan McCullagh: "[Politech] Politech gathering in San Francisco at 7 pm on Wed March 10"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 18 2004 - 00:24:53 PST