Linux worm hits the network
A worm that attacks Linux servers is being used to create a peer-to-peer network of infected computers that can be remotely controlled by the worm's creator.
The "Linux.Slapper.Worm" targets Linux servers running Apache Web server software along with an encryption technology known as "Secure Sockets Layer," the typical method for protecting data in transit over the Web.
What sets Slapper apart from other worms is its networking capability. Once a server is infected, it becomes part of a network of compromised machines, which the worm's author can use to attack other networks.
Infected machines are also wide open to any malicious hacker. It isn't particularly difficult to locate the network of infected severs, and once located, it appears that any attacker can remotely control any or all of the compromised machines.
[ Read more ]
- Virus: Worm.Linux.Slapper (18 September 2002)
- News: Security experts divided on Slapper's threat (17 September 2002)
- Press Release: Slapper Teaches Users Value of Safe Hex, Says Sophos Anti-Virus (16 September 2002)
- Virus News: Reverse Engineered Slapper Worm (16 September 2002)
- Virus News: F-Secure Warns About a New Linux Worm (16 September 2002)