14 May 2004
Dabber worm feeds on Sasser-infected computers, Sophos reports
 |
| The Dabber worm infects computers already struck
by the Sasser worm |
Dabber exploits vulnerability in Sasser worm's code
Sophos has advised computer users about a new internet worm
which hunts for computers infected by the widespread Sasser worm, and then infects
them by exploiting a security vulnerability in Sasser's code.
The W32/Dabber-A worm
searches for computers that have already been infected by variants
of the Sasser worm. Dabber uploads itself to the infected computers
it discovers by exploiting a vulnerability in the FTP server code
run by the Sasser worm.
"We're used to hearing about worms exploiting security holes in
software code written by operating system and firewall vendors, but
in this case it's the Sasser worm's code which contains the bug and
can allow Dabber to break in," said Graham Cluley, senior
technology consultant for Sophos. "If recently arrested German
student Sven Jaschan really did write Sasser he should be sent
to the bottom of the class for leaving this bug in his code."
Sophos does not believe Dabber will become as widespread as the
Sasser worm family, as users have acted to clean-up their computers
and ensure proper firewall and anti-virus protection is in
place.
"All home users and businesses should ensure their systems are
properly defended with up-to-date anti-virus software, strong
firewalls and the latest security patches from Microsoft,"
continued Cluley.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.