Deloder slowly worms its way on Net

By Patrick Gray
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Related Stories: E-mail viruses double in 2002
December 16, 2002; Slapper worm smarting less
September 20, 2002; New Klez worm squirms across Internet
April 17, 2002; A year later, DDoS attacks still a major Web threat
February 7, 2001

A new worm that leaves behind two Trojan horse programs has begun spreading over the Internet and may be paving the way for a crippling distributed denial of service attack.

Although the experts are not yet rating the Deloder worm as a high risk to PC users, the technical make-up of the Trojan horses it leaves behind is of concern. They consist of a commonly used piece of network administration software called Virtual Network Computing (VNC), and an Internet Relay Chat (IRC) bot, or remote-access Trojan horse.

The VNC component allows attackers to connect to an infected system and control it as if they were in front of it. They have full access through a graphical user interface.

The IRC bot, when activated, connects to a remote server and waits for commands, which could mean that infected systems are going to be used for a distributed denial of service attack.

This worm, unlike others such as Klez, requires no user interaction to spread--it exploits common passwords, such as "password" and "computer," in share directories in Windows NT/2000/XP machines and hence spreads automatically.

However, because the virus attacks through weak share-directory passwords, the effect on corporations has been minimal because share directories are typically firewalled.

Daniel Zatz, a security spokesman from Computer Associates International, says his company hasn't received any reports of customers being infected. "Very little has been reported to the (antivirus) vendors themselves,? he said.

Aside from potential denial-of-service implications, Zatz says that people may be stung through identity theft--even a novice malicious hacker can access an infected system with ease.

"This is one of the ways that identity theft occurs," he said.

Despite this, Melbourne, Australia-based security consultant Adam Pointon says that the worm is hitting home users hard. "It's been increasing threefold over the last few days," he said.

The SANS Institute's Internet Storm Center, a research group that monitors the Internet for attacks, has lifted the pertinent alert status from green to yellow. More information is available on SANS' Web site.

ZDNet Australia 's Patrick Gray reported from Sydney.

Latest tech news headlines

What is a Netbook computer?
Posted in Defensive Computing by Michael Horowitz

October 12, 2008 12:25 PM PDT
IBM invests in business partners' training
Posted in News - Business Tech by Colin Barker

October 11, 2008 5:01 PM PDT
Navy charters kite-powered cargo ship to deliver equipment
Posted in Military Tech by Mark Rutherford

October 11, 2008 11:03 AM PDT
See all headlines

Resource center from News.com sponsors

You Need The Speed of Norton 2009

Introducing Norton Internet Security™2009

With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
IBM invests in business partners' training
A business development fund aims to encourage its largest partners to take up more skills training around data centers.
Gallery
Photos: Top 10 reviews of the week
Military Tech
Navy charters kite-powered cargo ship to deliver equipment
The use of this new breed of sailing ship could reduce fuel costs by 20 to 30 percent, according to the ship's owners.
Coop's Corner
Ellison's mantra: Spend, baby, spend
It may be hell out there, but Oracle's chief tells shareholders the company still intends to shop for more acquisitions.
Video
Sprint launches Xohm WiMax
News - Wireless
FCC report negates free Internet interference claims
Report from commission engineers boosts plan to auction spectrum for free wireless Internet by dismissing concerns it would interfere with existing providers' signals.
Video
Talking with Newt Gingrich on tech, bailout
News - Politics and Law
President signs broadband data collection bill
The Broadband Data Act encourages wider collection of information regarding nationwide access to broadband.
News - Cutting Edge
Academics sink teeth into Yahoo search service
Yahoo hopes its Build Your Own Search Service program has piqued the interest of academic researchers. Next stop: start-ups.
Gallery
Photos: Cracking open Apple's revamped iPod Nano
Crossfade
The Streets, 'The Escapist': Free MP3 of the Day
Download a free MP3 of "The Escapist" courtesy of CNET Download Music.
Green Tech
Urban wind power inspired by ancient Persia
The shape of urban wind power continues to morph. The latest twist come from Windation, a company with a design inspired by centuries-old "wind catchers."