One researcher warned on Thursday that the group of online vandals suspected of creating both the Sasser worm and several variations of the Netsky virus could combine the two threats. The resulting blended threat could dodge security inside corporate systems via e-mail messages and then spread quickly once inside those networks.

"Sasser is inhibited by gateways, and adding the e-mail aspect would bypass the gateways," said Jimmy Kuo, a researcher and a McAfee Fellow for security company Network Associates. The technique is "rather obvious," he said, defending the decision to publicize the strategy in an alert. "I don't think I am giving a clue to the virus authors," he said.

By Robert Lemos at ZDNet.

[ Read more ]

Related items

• Software: Symantec Sasser Removal Tool
• Software: F-Secure Sasser Removal Tool
• Virus News: Symantec Response to Sasser Worm - New information (4 May 2004)
• Virus News: New Netsky Worm Poses as a Cure For Sasser (4 May 2004)
• Virus News: Information Quotes on Sasser Worm (4 May 2004)
• Virus News: New Automatic Internet Worm Spreading at Increasing Pace (3 May 2004)
• Virus News: Panda Software Offers to Every User the Free Tool to Disinfect and Remove Sasser.A (3 May 2004)
• Press Release: Lurhq Reports Sasser Worm Rapidly Spreading Across Internet (3 May 2004)
• Review: Viruses Revealed (28 April 2003)