Important Message

You are browsing the archived Lancers Reactor forums. You cannot register or login.
The content may be outdated and links may not be functional.


To get the latest in Freelancer news, mods, modding and downloads, go to
The-Starport

Worm lures users into online booby trap

This is where you can discuss your homework, family, just about anything, make strange sounds and otherwise discuss things which are really not related to the Lancer-series. Yes that means you can discuss other games.

Post Thu Nov 11, 2004 12:45 am

Worm lures users into online booby trap

Link

A computer worm that turns desktop PCs into malicious web servers has begun infecting computers around the world, experts warn.

The Bofra worm, which comes in two variations known as Bofra-A and Bofra-B, spreads by exploiting a software bug discovered in Microsoft's Internet Explorer web browser on 2 November.

This bug affects the way Explorer interprets web page tags – the underlying code that defines parts of a web page - and can be used to run unauthorised code on machines using the Windows operating system.

Microsoft has not yet released a software fix for the problem, although computers running its latest software package - Service Pack 2, which includes various security enhancements - should be immune. Computers with firewalls installed and switched on may also prevent the worms from spreading by blocking their communications.

The worms install a miniature web server on infected computers and generate web pages containing the unauthorised code. The worms then automatically send emails to everyone in the email address book of an infected computer in an attempt to get them to visit the pages.

Early versions of the worm promise pornographic material via a link, but later incarnations pose as a notification for a PayPal charge, with a link that can be used to cancel it. If the recipient hits the link and visits the page using Explorer, their computer may become infected too.

"This worm feeds on people's habit of accepting titillating content into their work inbox," says Graham Cluley of UK antivirus firm Sophos. "But they could be risking clogging up their company's email system."

Analysis by another antivirus company suggests the worms could be used to control a computer remotely. Several other worms have been used in this way to send email spam.

"It also has backdoor capabilities," reads an alert issued by US firm Trend Micro. "It listens for commands from a remote host.”

As the two worms bear several structural similarities to variants of another worm known as MyDoom, some antivirus companies refer to them as W32/MyDoom.AG, and W32/MyDoom.AH or W32/MyDoom.AI.

But Cluley says the new programs are different enough to justify a new name. "The similarities they have with the MyDoom family of worms are outweighed by the differences," he says. "For one thing, the Bofra worms spread between users in an entirely different way from the MyDoom worm, which relied upon email attachments."

Post Thu Nov 11, 2004 2:29 am

Yes, I read about that not long ago. It's not good I tells ya! All the more reason to listen to your good pal Esky and cease opening emails from people you don't know!

Post Thu Nov 11, 2004 3:58 am

well i dont anyway

Post Thu Nov 11, 2004 4:32 am

Symantec have got this down as a MyDoom variant.

What gets me is why do these little children do this. I read a report that because of all the spam e-mails, viruses and the amonut of new people conecting to the internet, the whole of the internet is about ready to crash. Perhaps these little ****heads don't realise they are contributing to the downfall of the net.

Post Thu Nov 11, 2004 6:14 am

how on earth would you crash a bunch (amazing understatement here) of cables? essentially, internet just refers to the connection between different comps around the world. you'd ahve to effectively crash every single comp connected to the internet to crash the net.

Post Thu Nov 11, 2004 12:23 pm

Its the overload of people from the "3rd world" that are connecting to the net. Servers are just not able to handle the influx of new people. Take TLR on a small scale. When loads of people are on here, it slows right down sometimes your unable to log on. Too much data is being passed through these cables. You can only have so much data go through at any one time.

Return to Off Topic