The new "botworm" scans for computers running the vulnerable Symantec software and then attempts to break in, said Marc Maiffret, chief technology officer at eEye, an Aliso Viejo, Calif.-based security software maker. The threat appears to be widespread, Maiffret said. eEye is tracking a server used by the worm to download part of its malicious payload; that server has pushed data out to more than 60,000 systems, he said.
Symantec is aware of the new worm, which it calls "Sagevo," said Vincent Weafer, a senior director at Symantec Security Response. However, the Cupertino, Calif., company doesn't see it as a big threat. Only three customers have seen it and there isn't anything more than "background noise" on Symantec's network of security sensors, he said.
"Technically eEye is correct, there is a new botworm out there," Weafer said. "But the impression and the worm alert is misleading because we are not seeing any activity."
A similar worm, a variant of Spybot, spread last month. When installed on a PC, both Spybot and Big Yellow open a back door in the system and connect to an Internet Relay Chat server to let the remote attacker control the compromised computer. Such remote control software is the most prevalent threat to Windows PCs, according to Microsoft.
The fact that a bug in Symantec's widely used security software is being exploited by worms underscores a security trend that experts have pointed out before: attackers are increasingly looking beyond the operating system for flaws.
"Any time you have vulnerability in a major application, the likelihood of having it used in a botworm is much higher," Weafer said. "Vulnerability research and exploits are going from operating system level into the application level. It is something we're going to continue to see."
And while patching Microsoft applications has become second nature for many IT departments, the same does not hold true for other software programs, Maiffret said. "People should be thinking about non-Microsoft software when it comes to patching," he said.