Security news11 May 2006
Crazy owl preys on network printers, Sophos reports on Hoots worm
 |
| The worm tries to send pictures of an owl to attached network printers. |
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have discovered a worm that attempts to send a photograph of an owl to attached network printers.
The W32/Hoots-A worm is written in Visual Basic and spreads via network shares. Once it has infected a computer it attempts to send a graphical image of an owl with the legend "O RLY?" to a number of predefined print queues.
"This isn't the work of a professional virus writer. Most malware authors these days encrypt their executables with packers in an attempt to make them harder to detect, this one does not. It is also written in Visual Basic, which is unusual for a virus today. But the smoking gun is that the worm has hardcoded within it the specific network paths to almost 40 different printers," said Graham Cluley, senior technology consultant for Sophos. "It appears this malware was written for a specific organization, by someone who had inside knowledge of their IT infrastructure."
The phrase "O RLY?" is internet slang for "Oh really?", and is often accompanied by a picture of a snowy white owl.
"Why the author should want to print out pictures of an owl is, of course, anybody's guess," continued Cluley.
Sophos has only received reports of the malware from one customer, and is working with the organization to provide more information which may help identify the creator of the worm.
Sophos recommends companies put in place a consolidated solution to defend against viruses, spyware and spam, and ensure that it is automatically updated as new threats emerge.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
