Members of the chat-network security group IRC/Unity have decoded the manner in which the creator of the Fizzer virus can communicate with the program, a co-founder of the group said on Monday.

The Fizzer virus connects from an infected PC to a randomly selected Internet relay chat (IRC) network using a list of more than 300 such networks contained in the virus. Once connected, Fizzer creates a chat channel and listens for commands from a specific user nickname. The IRC/Unity group discovered the algorithm that determines what that name should be.

"It's a three-letter nickname that is only valid for the current date," said John McGarrigle, the newly elected chairman of the IRC/Unity group, a collection of administrators from more than 50 different chat networks. "Once you have that, you can control the bot (virus program) through IRC."

[ Read more ]

Related items

• Virus News: Weekly Virus Report - Fizzer Worm and Lovgate Variants (17 May 2003)
• Virus News: Flaw in Fizzer's Code Provides Vital Hint of Infection (16 May 2003)
• Software: BitDefender Anti Fizzer
• Virus News: Fizzer E-mail Worm is Spreading at an Alarming Rate (13 May 2003)
• Virus News: Panda Software Receives Reports of Incidents Caused by Fizzer (13 May 2003)
• Virus News: Fizzer Worm Attacks Via E-mail and KaZaA (12 May 2003)