worm

Computer virus infects three London hospitals

Three hospitals in London were forced to shut down their networks Tuesday after being infected with a computer virus.

"Emergency procedures have been activated to ensure that key clinical systems continue while network access is being established. We have maintained a safe environment for our patients throughout the incident," a statement on the site for Barts and The London NHS Trust hospital system said.

"Manual backup systems are in use and we are in the process of restoring the computer systems with priority being given to the most important areas for maintaining patients services," the statement … Read more

Microsoft RPC exploit could be a packaged deal

While Microsoft has labeled Thursday's emergency patch MS08-067 as "critical" and provided a rareout-of-cycle fix because its exploit could easily be used as worm on a compromised network, one security researcher doesn't think it will happen that way.

"It's likely we're going to see this packaged with some other attack." said Ben Greenbaum, senior research manager at Symantec. "A Web-based attack, for example. We're looking out for are exploits of this being bundled with client-side exploits or Trojans so that the worm can get past corporate firewalls and get … Read more

Anatomy of a botnet

What if you wanted to build your own botnet to act as a spam relay or to launch a denial-of-service attack against an organization or a country? "It's actually a lot of work," says Joe Stewart, director of malware research at SecureWorks.

I had a chance to talk with Stewart at this year's Black Hat security conference in Las Vegas where, in a talk, he provided insight into the inner workings of one botnet, the Storm worm botnet. Using unpackers, debuggers, and decompilers, Stewart was able to dissect the rogue network and learn how it works … Read more

Avoid getting blitzed by Facebook spam

Like my colleague, CNET News' Caroline McCarthy, I've noticed a worrisome uptick in the amount of spam splatting against my Facebook Wall. It also nestles into my in-box in the form of a courtesy e-mail message prompting me to read my Wall.

While Facebook seems to have internal methods to resolve the malicious spam that has hijacked my friends' accounts, the only other recourse they offer is to update your antivirus software against an attack. That's too late. You want to block it before it ever drops its malware payload, and that means installing software that's designed … Read more

Facebook's new worm turns your friends into enemies

Facebook has a worm. It was bound to happen: As the web increases in popularity, it was just a matter of time before security bad guys started targeting web applications in earnest. Recent research from IBM suggests that the pace of security vulnerabilities on the web is accelerating.

This particular worm on Facebook is highly insidious:

The worm spreads when a compromised user's account is used to send message to others with a title such as "LOL. You've been catched on hidden cam, yo:" and a link to a random URL. The linked website is a … Read more

Facebook responds to security warnings

Facebook security chief Max Kelly has assured members in a blog post that the social network is "fighting the good fight" when it comes to several malware attacks discovered on the site in recent days.

"We spent most of last night working on a fix for a worm, which was targeting people on Facebook and placing messages on walls urging users to view a video that pretends to be hosted on a Google or YouTube Web site," Kelly wrote. "Less than .002 percent of people on Facebook have been affected, all of whom we notified … Read more

Security firm warns of malware attack on Facebook

Sophos, a security software and research firm, has warned that social network Facebook is the battleground for a new malware attack targeting members' comment "walls."

Public wall posts purporting to be from someone on a user's friends list invite the user to click on some kind of video or image, and the URL appears to lead to something hosted on Google.com. That's a spoof--it really directs to a grinning photo of a court jester sticking out its tongue--and a downloaded Trojan. Sophos has not said what the worm then does.

Facebook representatives were not immediately … Read more

Looking inside the Storm worm botnet

LAS VEGAS--On Wednesday, Joe Stewart, director of malware research for SecureWorks, presented his work on protocols and encryption used by the Storm worm botnet at Black Hat 2008.

He said as far as botnets go, Storm is not particularly sophisticated, nor is it our No. 1 threat. Yet while other botnets come and go, Storm remains amazingly resilient, in part because the Trojan horse it uses to infect systems changes its packing code every 10 minutes, and, once installed, the bot uses fast flux to change the IP addresses for its command and control servers.

None of this surprising, it'… Read more

New worm targets Facebook, MySpace

Just because a "friend" sends you something on Facebook or MySpace doesn't mean you should trust it.

A new worm is spreading via Facebook and MySpace, turning victims' computers into zombies on a botnet, Kaspersky Lab said on Friday.

Basically, infected machines are propagating the worm by sending messages via the social networks to friends in the network.

The messages look like they contain links to video clips. When clicked on they prompt the recipient to download an executable file that purports to be the latest version of Flash Player. Instead, it is the worm itself, infecting … Read more