Security experts have warned internet users to update their antivirus systems to protect against a newly discovered worm dubbed Noomy.A, which "could represent a new trend in malicious code techniques".
PandaLabs said that, although this sophisticated and dangerous worm has not yet spread significantly in the wild, it has a series of unusual but potentially effective characteristics to propagate itself through Internet Relay Chat (IRC).
Written in Visual Basic, the worm creates an HTTP server on affected computers and generates a large number of files containing copies of its code. The names of these files, designed to tempt unwary users into believing that they are software cracks, include '2004serials.pif', 'Ageofempires2crack.exe', 'AgeOfMythologyISO.exe' or 'AnaKurnikovaVirualGirl2004.scr', among many others.
Microsoft: Firewalls are failing to keep out hackers
Firewalls aren't doing a good enough job of protecting corporate networks, according to a Microsoft security expert. Speaking in London on Monday at a technical briefing on the need for next generation firewalls, Microsoft security technology architect Fred Baumhardt outlined some of the gaps that traditional firewalls are leaving open.
"We are all bloody lucky that something hasn't obliterated IT on earth," said Baumhardt. "Firewalls are like ******** routers. They just look at the ports, sources and destinations they like. If a train comes from Gare du Nord [Paris] to Waterloo [London] via Eurostar you allow it to enter the country because you trust it. That's what firewalls currently do. They don't check to see if al-Quaeda is riding inside."
Ports allow certain types of Internet traffic to travel if they correspond with the correct port number. For example, HTTP runs on port 80 and is often regarded as a trusted port, and left open. In the past firewalls have often worked on this basis, without checking the content of traffic. But Baumhardt called for IT professionals to ensure they had better equipment.