Forum latest

Imagine the damage if a custom worm shuts down your organization for one day, if it's Christmas!
General
Written by Daniel   
Wednesday, 02 August 2006 09:25
Worm Targets Microsoft Powershell


AUGUST 1, 2006 | A group of Austrian virus writers has used an old technique to launch an attack on a new, as-yet unreleased Microsoft product, the Powershell scripting tool.

The proof-of-concept worm, dubbed MSH/Cibyz!p2p or MSH/Cibyz, is the second such proof-of-concept malware written against Powershell by the group -- the first coming nearly a year ago. The difference this time: The proof-of-concept worm is a parasitic infector that places its own code into clean files so it can run malware. And unlike most proof-of-concept malware for Microsoft software, it doesn't exploit a vulnerability in the software, so it won't get a patch from the software company.

"The malicious worm does not exploit a vulnerability in Microsoft's software," says a Microsoft spokesman. "Microsoft recommends consumers do not accept files from untrusted sources and should use up-to-date third-party AV products to scan Kazaa-shared folders."

What's more interesting is this type of worm is one that could be customized to target a particular organization, says David Aitel, CTO for ImmunitySec. "We're seeing a trend of people writing worms that are customizable for an organization," he says. "Imagine the damage if a custom worm shuts down your organization for one day, especially if it's Christmas and you're an online retailer."

Aitel says custom worm attacks are tough to counter. "The research dollars haven't gone into this yet, so we don't have a picture of how to defend against attacks like this.

Much More @ Dark Reading!
Discussion in the Forums.
 

See also

None found.


Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either