Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Computer security experts warn of sophisticated new hacker program

Mar 17, 2004 4:25PM PST

Computer security experts in both the private sector and U.S. government are monitoring the emergence of a new, sophisticated hacker program that connects infected computers to far-flung peer-to-peer file-sharing networks.

By some estimates, hundreds of thousands of computers running Microsoft's Windows operating system have already been infected worldwide. The program, software code that security researchers have dubbed "Phatbot," allows its authors to gain control over computers and link them into file-sharing networks that can be used to send large amounts of spam e-mail messages or to flood Web sites with data in an attempt to knock them offline.

The new hacker threat caught the attention of cybersecurity officials at the U.S. Department of Homeland Security, prompting the agency to send an alert last week to a select group of computer security experts. In the alert, the agency warned that Phatbot snoops for passwords on infected computers and tries to disable firewall and antivirus software.

A copy of the DHS alert was made available by two sources at different companies who asked that their identities not be used because they did not want to risk losing access to future government alerts. Officials at the department and US-CERT _ the U.S. Computer Emergency Readiness Team, a government-funded cybersecurity monitoring agency _ confirmed that the message was genuine.

Joe Stewart, a researcher at the Chicago-based computer security firm Lurhq, has catalogued Phatbot's many capabilities in an online posting. Those capabilities include the ability to: evade antivirus software; steal America Online login names and passwords; harvest e-mail addresses from the Web for spam purposes; and sniff Internet network traffic for small computer files, or cookies, that contain personal data used by the PayPal online payment system.

Phatbot is "a virtual Swiss Army knife of attack software," said Vincent Weafer, senior director of security response at Cupertino, Calif.-based Symantec Corp.

http://www.detnews.com/2004/technology/0403/18/technology-95388.htm

Discussion is locked