|The Bobax worm can make a zombie of your computer|
Virus researchers at Sophos have warned users about a new internet worm which is capable of turning infected computers into spam factories and launchpads for denial-of-service attacks against websites.
The W32/Bobax-A worm uses the same Microsoft security vulnerability as the Sasser worm to break into computers, enabling attacks to gain full control of the infected PC.
"Worms like Bobax are gold dust to the spam gangs - as it gives them an easy way to build up a network of innocent computers to send their spam from," said Graham Cluley, senior technology consultant for Sophos. "Computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."
Because the Bobax worm does not travel via email (instead it exploits a vulnerability described in Microsoft Security Bulletin MS04-011) users do not have to launch an email attachment to be infected.
"Computer users must put protection in place now against this kind of internet assault. If you leave it to chance you shouldn't be surprised if your computer is turned into a "zombie", launching thousands of spam messages at other internet users," continued Cluley. "More than 30 percent of the world's spam is sent from compromised computers, underlining the need for a co-ordinated approach to spam and viruses."
Sophos anticipates that the impact on businesses of the Bobax worm will be limited because of the large number of corporations who have already put the Microsoft patch and reconsidered their firewall protection since the Sasser outbreak, but urges users not to be complacent.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.