Security Response
Showing posts tagged with Malicious Code
Dave Cole | 09 May 2006 07:00:00 GMT | 0 comments

Back in the wild and wooly pre-bust days of ’98, distributed denial of service attacks (DDoS) knocked the froth off of some very high profile Web sites. Backed by malcode like Trin00 and Stacheldraht, the attacks made headlines everywhere, as online businesses that were the frontrunners of the emerging Internet economy were unexpectedly closed for business while they did battle with the legions of zombie computers slinging packets at them and tying up their systems.

So here we are, approximately eight years later. Trin00 and Stacheldraht have been replaced by much more powerful, multi-purpose successors like Spybot and Gaobot. And the attacks keep coming. The latest Symantec Internet Security Threat Report (March 2006) showed a 51% increase in denial of service attacks. The previous period (January 2005 to June 2005) was characterized by a gaudy 680% growth, as attacks surged from 119 per day to 927 per day. The number for the second half of 2005 now rests at 1,402...

Kaoru Hayashi | 04 May 2006 07:00:00 GMT | 0 comments

Over the last several months, new cases of information disclosure have been reported by the media nearly every day in Japan. These incidents are often caused by variants of the W32.Antinny worm that targets the Winny P2P file-sharing network. Once W32.Antinny infects a computer, it captures a screen shot and searches for Microsoft Office documents, email folders, and photos on the compromised computer and uploads these files to the Winny P2P network. Then, not only the author of the worm but also any other Winny users can download that information.

Winny is a P2P program that has several interesting features, one of them being anonymity. Users can search and download files from the Winny network, but no one can know who has the file or where the file is from because Winny hides this information from users. Users can only access the filenames that are available for download from the network. Another interesting feature is the way in which newly downloaded files are shared....