Computers to attack file-sharing websites as clocks reach
midnight
The W32/Netsky-Q worm is set
to launch distributed denial of service attacks against a number of
websites as infected computers pass midnight tonight.
The Netsky-Q worm - which according to Sophos research is
currently the 8th most prevalent worm in the wild - attempts to
bring down file-sharing websites, such as the popular KaZaA,
between 00:01 8 April and 11 April 2004.
"The worm is using innocent infected computers around the world
to try and launch its attack," said Graham Cluley, senior
technology consultant for Sophos. "The worm sits in the background
watching the infected computer's internal clock. Once it clicks
over to 8 April the barrage begins, so it's possible the websites
may be affected as computers in Asia Pacific change their date
first."
The full list of websites targeted by W32/Netsky-Q is
www.cracks.st, www.cracks.am, www.emule-project.net, www.kazaa.com,
and www.edonkey2000.com.
"The Netsky-Q worm launches its strikes against the websites
over the long Easter weekend holiday. Home users should ensure
their computers are properly protected with anti-virus updates and
a personal firewall to ensure they are not contributing to the
problem," continued Cluley.
The owners of the eMule website have advised users in a
statement on their website that www.emule-project.net will be
unavailable "because of the upcoming DDoS Attack against our
servers" and suggests they use a mirrored version of their site
instead.
Earlier this year the MyDoom worm successfully knocked SCO's website off the
internet via a distributed denial of service attack. Other
websites targeted for similar attacks in the past have included
those belonging to Microsoft and the RIAA.
Sophos recommends that companies ensure their systems are
protected with the latest anti-virus updates. Sophos's anti-virus solutions can be automatically
updated, ensuring the latest virus protection is in place against
the latest threats even when your office is unmanned.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.