Print
Send to friend
RSS feedsA new computer worm has succeeded at knocking out several large corporations in the US.
Among the affected companies are many media outlets including CNN, ABC and the New York Times. DaimlerChrysler, United Parcel Service and Kraft Foods too reported that they were affected.
Security researchers are still studying the worm that caused the disruption, but early evidence points in the direction of Zotob or Rbot. Both worms exploit a flaw in the plug-and-play feature of Microsoft's Windows 2000 operating system that was disclosed a week ago.
Symantec refers to the new worm as Zotob.E. While it only affects systems running Windows 2000, other versions of the software including Windows 95 and XP can be used to further spread the virus, the security vendor warned in a bulletin on its website.
Linking it to the Rbot worm, Trend Micro has christened it WORM_RBOT.CBQ.
MacAfee calls the new worm W32/IRCbot.worm!MS05-039, in a reference to it using the IRC chat channel to receive instructions on which system to target next. The worm is using information that was gathered by another worm earlier this week that scanned for systems running Windows 2000.
The MS05-039 in McAfee's description points to the flaw in Windows 2000 plug-and-play feature that the worm exploits. Microsoft disclosed this vulnerability on Tuesday last week when it released a patch for the flaw. The software vendor rated the hole "critical".
Because the worm causes a system to shut down and reboot, it has crippled some corporations. The US television station ABC had to use old electric typewriters to make the deadline of its news show World News Tonight.
Some security experts have described the attack as a turf war, with rival virus writing gangs trying to compete in creating the most disruptive virus that exploits the Plug and play flaw.
