Feeds

Hunt on for porn-meddling virus writers

Outbreak of Homepage worm under control

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

The hunt is on for the authors of the Homepage worm amid signs that the outbreak of the virus has been brought under control.

Homepage masquerades as a harmless Web site recommendation but in reality it directs users to one of four porn sites. It is also said an email copy of itself to everyone in an infected user's Outlook address book, an effect that is clogging up email servers worldwide.

Homepage was created with a newer version of the same virus-writing toolkit that spawned the Anna Kournikova worm.

A popular theory in the anti-virus community is that the porn-peddling worm might be a misguided marketing ploy.

Wired reports that three teenagers from the Netherlands have sent an anonymous email claiming responsibility for the virus. They said they created the worm to boost traffic to four porn sites but they did not say whether they owned the sites or knew their owners.

The self-proclaimed virus writters said they were jealous of the attention lavished on the creator of the Anna Kournikova worm, OnTheFly, who also hails from the Netherlands.

Graham Cluley, of antivirus firm Sophos, said the virus authors might be tracked down through the records of Adultcheck.com, which acts as an agent to collect money from porn web sites.

The rate of spread of the virus itself seems to be dying out just 24 hours after it was first unleashed.

MessageLabs, a managed services firm that scans its users email for viruses, reports that it is now intercepting hundreds of viruses an hour, compared with the thousands it intercepted yesterday. In total MessageLabs has intercepted 26,500 copies of the virus, higher than for the Anna Kournikova worm - but taken from a larger user base.

Sophos' Cluley said that 155 companies had contacted it about the virus but not all of these were actually infected. The outbreak was less severe than either the Love Bug or Anna Kournikova worm, he says.

Figures on how many people were actually infected by the virus are hard to pin down but emails received Register readers reveal several firms were caught out by the virus and had to take down their email servers.

According to Cluley, firms should consider blocking Visual Basic scripts in emails; this will stop the spread of Homepage and other similar Internet worms. ®

Related Stories

Homepage spreading faster than Kournikova worm
Homepage Net worm spreading like wildfire

External Links

Homepage worm write-up from Command Software
MessageLab stats on the virus outbreak

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.