Symantec first dismissed the threat, but worm attacks that exploit a known security hole in the company's corporate antivirus tool are proving to be persistent.
"What we have been seeing in December and in the last week and a half is related to new variants of Spybot," Vincent Weafer, senior director of Symantec Security Response, said Tuesday. "We had a couple of versions of Spybot that went nowhere, but these ones found a way to propagate more effectively."
The Spybot variants break into computers through a known security hole in the widely used Symantec antivirus tools. When installed on a PC, Spybot opens a back door in the system and connects to an Internet Relay Chat server to let the remote attacker control the compromised computer. Spybot first surfaced in 2003 and has spawned many offshoots.
The first version of Spybot to exploit the Symantec security hole surfaced in November. This was followed in December by another pest dubbed Sagevo, or Big Yellow. Symantec initially dismissed both threats, stating that their impact was minimal. While Sagevo fizzled, Spybot is causing harm, Weafer said.
"We're definitely seeing Spybot out there and seeing that it is being trapped in customer environments," he said. The attacks have been escalating since December 20, when Symantec and its customers first saw increased activity on TCP port 2967, the network port used by the vulnerable software.
A fix for the flaw has been available since May 25, but it appears not all users have applied the fix. Unlike Symantec's consumer products, the corporate antivirus software doesn't include automatic product updates.
"Customers have to go to the support site and download the update," Weafer said. The security fix is different from the regular definition updates, which are automatically delivered to both consumer and corporate virus shields, he said.
Symantec is re-evaluating the update mechanism for its corporate tools, Weafer said. Additionally, the company on Wednesday plans to push out an update to its antivirus scanning engine that is designed to better detect Spybot, he said. The engine update will go out automatically to all users, he added.
The two telecom carriers will carry a next-generation iPad running on the fast, next-generation wireless technology, sources tell The Wall Street Journal.
Google creates an animated doodle that features a boy, a girl, Google's search engine, and a jump rope. But might there be darker, more analytical, more troubling interpretations to this tale?
The Silicon Valley online payments startup grew by 1,000 percent last year and is hopeful it can repeat that level of growth this year. To do that, it's had to move away from its early friends-and-family roots and embrace small businesses.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
Join the conversation