Feeds

Linux worm nobbles Nasa Web site

Ramen on the rampage

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Ramen, the Red Hat Linux-based Internet worm, has spread into the wild and defaced the Web sites of several different organisation, including a National Aeronautics and Space Administration (Nasa) lab.

Russian anti-virus expert Kaspersky Labs said that Ramen is the first malicious code for Linux to be detected in the wild.

Web sites run by Nasa, Texas A&M University, and Taiwan-based computer hardware maker Supermicro have fallen victim to the worm, causing their sites to become sprayed with electronic graffiti. On each Web server Ramen infects, the main page is replaced with the message: "Hackers looooooooooooove noodles," signed by the "RameN Crew."

The worm's defacement of the site of Nasa's Jet Propulsion Laboratory is mirrored on attrition and can be seen here.

Susan Reichley, a spokeswoman at the Jet Propulsion Laboratory, told The Register that the site had been broken into, but stressed that the problem was fixed in the same day. She said she was unable to answer other questions on the matter for security reasons.

As previously reported, Ramen is a combination of pre-existing scripts which has the ability to spread via the Internet. It penetrates systems running Red Hat Linux versions 6.2 and 7.0. In order to gain access to a computer, the worm exploits three known security loopholes in these particular operating systems. These breaches enable Ramen to take over the root access rights and thereafter execute code on target systems.

These security holes were discovered more than a year ago and Red Hat issued patches. Affected sites had failed to apply the patches - leaving them vulnerable. Information on the patches is available here.

Denis Zenkin, a spokesperson for Kaspersky, said: "The fact that Ramen penetrated into several respected organisations, including Nasa, shows that even the most professional network engineers don't pay enough attention to timely installation of security patches in order to protect their systems. This worries us most, as neglecting basic enterprise security rules can stimulate hackers to develop malicious code for Linux."

Jack Clark, of Network Associates, agreed with this advice but downplayed the overall serious of the worm; his anti-virus firm had received few calls about Ramen infections, he said.

During the eight years or so since Linux was first developed, only around 50 malicious programs affecting the operating system have been discovered, and, until Ramen, none of them spread to damage users' systems. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
DOUBLE BONK: Testy fanbois catch Apple Pay picking pockets
Users wail as tapcash transactions are duplicated
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
In the next four weeks, 100 people will decide the future of the web
While America tucks into Thanksgiving turkey, the world will be taking over the net
Microsoft EU warns: If you have ties to the US, Feds can get your data
European corps can't afford to get complacent while American Big Biz battles Uncle Sam
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.