Virus writer purports to show bin Laden's death

By Munir Kotadia
Staff Writer, CNET News.com Published: July 23, 2004 11:35 AM PDT
Tools
Talkback
Print
Related Stories
'Atak' worm variant linked to al-Qaida sympathizer
July 16, 2004
Scotland Yard and the case of the rent-a-zombies
July 7, 2004
Adware ploy dupes IMers with bin Laden 'news'
February 11, 2004
Bin Laden tape draws Net viewers
December 13, 2001
Antivirus company Sophos warned Friday of a scheme that invokes Osama bin Laden to convince people to open a file containing a Trojan horse called Hackarmy.

The message, which has been posted on several Internet newsgroups, claims to contain pictures taken by CNN journalists of bin Laden committing suicide. But once the supposed picture file is opened, it installs a Trojan horse that effectively recruits the infected machine into the author's army of "zombie" PCs--already-infected machines that can be controlled surreptitiously from afar. The zombified computers can then be used to distribute spam or launch denial-of-service attacks.

Hackers and virus writers are trying different tricks to try to get people to download their malicious code, said Graham Cluley, senior technology consultant for Sophos.

"It seems this time, the hacker has focused on the public's morbid curiosity and appetite for news on the war against terror," he said.

Terrorism has been a popular theme among virus writers recently. Last week, a variant of the Atak worm was linked with an al-Qaida sympathizer who allegedly threatened to release an "uber worm" if the United States attacked Iraq.

Richard Starnes, president of security industry group ISSA UK, said the warning from Sophos should help spur computer users to "install preventative measures" before the Trojan horse becomes widespread.

Virus writers try to get e-mail users' attention and persuade them to open attachments or click on links, even if they have been told not to, Starnes said.

"Anna Kournikova, Catherine Zeta-Jones and I Love You are all variations on a theme: They are trying to entice the user into doing something they know they shouldn't do," he said.

Antivirus and antispam companies have updated their software to detect the Trojan horse, according to Starnes, so people need to make sure that they have the most recent version of their software.

"It depends on how long (it takes for) antivirus and antispam companies (to) respond by releasing new signatures, and how quickly the customers respond by downloading and installing them," he said.

Munir Kotadia of ZDNet UK reported from London.

More from News.com on this story's topics

Viruses and worms

 Create an email alert | RSS feed

See more CNET content tagged:
Osama bin Laden, Richard Starnes, antispam company, Sophos Plc., trojan horse

Powered by Jive Software
advertisement
RSS Feeds
Add headlines from CNET News.com to your homepage or feedreader.
Google
Yahoo
MSN
More feeds available in our RSS feed index.

Latest tech news headlines

Most Popular Stories
Google's search secret: It gets rid of you
Developer creates copy-paste tech for iPhone
Palm Treo Pro: Not digging it
Intel says it has 'first silicon' for next mobile chip
American Airlines launches in-flight Wi-Fi
Markets

Market news, charts, SEC filings, and more

Related quotes

Dow Jones Industrials (0.19%) 21.74 11,439.17
S&P 500 (0.34%) 4.38 1,278.92
NASDAQ (0.00%) 0.00 1,816.15
CNET TECH (-0.04%) -0.69 1,630.11
  Symbol Lookup
advertisement
Welcome (log out) |View profile
Log in | Sign up Why join?
On GameSpot: Wii Fit tells 10-year-old she's fat
Advanced
search
Advanced
search
Visit other CBS Interactive sites