Movie clip Trojan to be used in DDoS-style attack
Home PCs in the crosshairs now
The FBI will meet with staff from Network Security Technologies on Friday to examine the company's claim that malicious hackers have embedded a Trojan in a movie clip, with which they have infected 2,000 commercial and home computers in preparation to launch an attack to disable Web sites, the Associated Press reports.
Computers at several large companies were penetrated by the hackers, according to Network Security, which alerted the FBI.
The Trojan enables third parties to launch remote attacks against Web sites from infected client computers in much the same way that February's distributed denial of service (DDoS) attacks were mounted.
When the movie clip is run, a malicious program called 'Serbian Badman Trojan' is activated, sending passwords and other information to the vandals. The infected computers can then be used to attack a Web site without their owners' knowledge.
The FBI's National Infrastructure Protection Centre (NIPC) and the Bureau's Washington field office are looking into the incident, a Justice Department official told the AP wire service Thursday night.
The perpetrators, who used the aliases 'Serbian' and 'Badman', tested their network of infected computers Wednesday night, and could launch an attack at any time, the AP quotes Network Security as saying.
Network Security said it alerted the US Department of Justice (DoJ) on Thursday, and provided a list of 2,000 computers worldwide that it believes have been infected.
Company staff monitored an Internet chat room set up by the vandals who identified infected computers and discussed their strategies. If the infiltrators were 'made', then of course that information will be entirely fictional.
Unlike the DDoS attacks which were launched chiefly from commercial systems, most of the computers infected with Serbian Badman Trojan belong to home users with broadband connections, Network Security said.
In general, cable and DSL connections render ordinary home PCs far more vulnerable to numerous sorts of attack than analogue modem connections do because broadband connections remain on for longer periods of time. ®