ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

Rootkit worm linked to the Middle East

Greg Sandoval CNET News.com

Published: 18 Nov 2005 09:25 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Security sleuths at FaceTime Communications say they have linked a group of hackers operating in the Middle East to a worm that began spreading last month via America Online's Instant Messenger service.

Experts at FaceTime's security unit reported on Thursday the hacker group has seized control of at least 17,000 computers across the globe. The hackers have the capability to pilfer personal information from a computer's hard drive or remotely commandeer a PC to help launch attacks against companies or networks.

FaceTime has alerted the FBI and warned that the 17,000 computers were controlled by a single compromised server. There is a chance that the hacker band may control other servers and thousands more computers, according to Tyler Wells, senior director of engineering at FaceTime.

"The fact that they are using instant messaging is a disturbing trend," Wells said. "These guys are using BitTorrent...and that is getting a bit scary. They are using IRC-enabled spyware to control PCs."

BitTorrent is a freely available decentralised file-sharing network used to share large files. Hackers have recently been using it to move large files more easily, Wells said.

On 28 October, FaceTime identified a worm that delivers a rootkit designed to go undetected by the security software used to lock down control of a computer after an initial hack.

Subsequent research has revealed that the rootkit worm piggybacking on AOL Instant Messenger acts as a back door for adding spyware, which can be used to pilfer usernames, passwords and other personal information.

A hacker can control this process through IRC communications.

Wells said FaceTime traced specific signatures within various code associated with the exploit. This gave them the ability to resolve where the exploits originated.

The FBI did not immediately respond to a request for comment.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
78 out of 166 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

2 comments

  1. And where is th eproof it came from the middle eas... rjgoldman
  2. Did any critical thinking go into this piece? Con... Anonymous

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:










Related Jobs

Helpdesk role *3-6 months* available immediately based in Hove

2.1 or higher in Computers at Top UK University?Amazing Opportunity!

1st/2nd Line Desktop Support Engineer Required - LONDON

Sentry Posts Blog

Virtual Teams: Small Business Innovati...

Virtual Teams: Small Business Innovation Author: Eric Everson, Founder – MyMobiSafe.com As the founder of MyMobiSafe.com, I’ve found that because of our presence in the industry... More

Post a comment

Mobile Security and Innovation: An Ope...

Mobile Security and Innovation: An Open Case Author: Eric Everson, Founder MyMobiSafe.com The times are changing in the mobile industry as “big wireless” in the US Markets are calling... More

Post a comment

Government launches new e-crime unit

Ok, so this is outside of my main area of focus of sustainable and green tech but I do track some security issues too. I was at a meeting last week with Microsoft's security advisor... More

Post a comment

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers