06 Jun 2003
Slammer worm code publication could inspire more virus activity, warns Sophos
Sophos is concerned by reports in the US media that popular
technology magazine Wired is set to publish the source code for the
Slammer internet worm in its next edition, due out on Tuesday 10th
June 2003.
The Slammer worm caused some parts of the internet to experience
a severe
slowdown in January of this year, after it infected vulnerable
Microsoft web servers. Sophos warns that, by printing the details
of malicious code used by Slammer's author, Wired could be
providing vital code-writing clues to potential virus writers.
"There is a real danger that those with malicious intent will
take this code and use it to create new internet worms," said
Graham Cluley, senior technology consultant for Sophos Anti-Virus.
"Even though Wired claims its intention is to highlight the
problems of viruses, in a week where we've seen two of the year's
hardest hitting worms - Sobig-C and Bugbear-B - we feel that
any hints on how to write a worm will only serve to fuel the
problem of virus writing."
"Of course, malicious viral code is freely available on the
darker corners of the net, but that does not mean it is helpful to
publish such things in a highstreet magazine," continued Cluley.
"Users need education about virus threats and how to protect
themselves, not a cookbook about how to create them."
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.