Feeds

Movie clip Trojan to be used in DDoS-style attack

Home PCs in the crosshairs now

  • alert
  • submit to reddit

SANS - Survey on application security programs

The FBI will meet with staff from Network Security Technologies on Friday to examine the company's claim that malicious hackers have embedded a Trojan in a movie clip, with which they have infected 2,000 commercial and home computers in preparation to launch an attack to disable Web sites, the Associated Press reports.

Computers at several large companies were penetrated by the hackers, according to Network Security, which alerted the FBI.

The Trojan enables third parties to launch remote attacks against Web sites from infected client computers in much the same way that February's distributed denial of service (DDoS) attacks were mounted.

When the movie clip is run, a malicious program called 'Serbian Badman Trojan' is activated, sending passwords and other information to the vandals. The infected computers can then be used to attack a Web site without their owners' knowledge.

The FBI's National Infrastructure Protection Centre (NIPC) and the Bureau's Washington field office are looking into the incident, a Justice Department official told the AP wire service Thursday night.

The perpetrators, who used the aliases 'Serbian' and 'Badman', tested their network of infected computers Wednesday night, and could launch an attack at any time, the AP quotes Network Security as saying.

Network Security said it alerted the US Department of Justice (DoJ) on Thursday, and provided a list of 2,000 computers worldwide that it believes have been infected.

Company staff monitored an Internet chat room set up by the vandals who identified infected computers and discussed their strategies. If the infiltrators were 'made', then of course that information will be entirely fictional.

Unlike the DDoS attacks which were launched chiefly from commercial systems, most of the computers infected with Serbian Badman Trojan belong to home users with broadband connections, Network Security said.

In general, cable and DSL connections render ordinary home PCs far more vulnerable to numerous sorts of attack than analogue modem connections do because broadband connections remain on for longer periods of time. ®

Related story

New hack attack is greater threat than imagined

Top three mobile application threats

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.