F-Secure Warns About a New Linux Worm
Posted on 16.09.2002
Helsinki, Finland - September 14th. F-Secure Corporation is warning about a new network worm called Slapper. Slapper is a network worm that spreads on Linux machines, using a flaw discovered in August 2002 in OpenSSL libraries. The worm was found in Eastern Europe late on Friday 13th, September 2002.

The worm typically affects Linux machines that are running Apache web server with SSL enabled. Apache installations cover more than 60% of public web sites in the internet. It could be estimated that less than 10% of those have enabled SSL services. SSL is most often used for online commerce, banking and privacy applications.

Once a machine gets infected, the worm starts to spread to new systems. In addition, the worm contains code to create a peer-to-peer attack network, where infected machines can remotely be instructed to launch a wide variety of Distributed Denial of Service (DDoS) attacks.

The worm works on Intel-based machines running Linux distributions from Red Hat, SuSE, Mandrake, Slackware or Debian. Apache and OpenSSL must be enabled and OpenSSL version must be 0.96d or older.

Slapper is very similar to the Scalper Apache worm, which was found in June 2002. The basic theory of operation is similar to the first widespread web worm, Code Red. Code Red infected more than 350000 websites running Microsoft IIS in July 2001.

"It is still early to say whether this will become a major problem or not", comments Mikko Hypponen, Manager of Anti-Virus Research at F-Secure. "In any case, we urge all Linux webmasters to make sure their systems are secured against this attack."

Detailed description of the worm as well as a screenshot are available at: http://www.f-secure.com/v-descs/slapper.shtml






Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //