|
Hacker tool to target servers
22/11/2001 14:08 - (SA)
San Francisco - Computer security experts said on Wednesday they have discovered a new rapidly spreading program that malicious hackers could use to shut down web servers via a popular instant messaging platform.
The hacker tool, named "Voyager Alpha Force", has already been used to infect more than 300 computers, said Elias Levy, chief technology officer at SecurityFocus.com.
That is a small percentage of the hundreds of thousands of computers that were infected by the Code Red and Nimda computer worms in August and September, but even that number of machines could be used to cause some trouble, Levy said.
Although the computers that have been infected with the new tool have not yet been used to shut down web servers via a distributed denial of service attack, they easily could be, according to Levy.
In such an attack, software that has been sneaked onto multiple computers is instructed to send so many requests to a targeted web server that it overloads it, rendering it inaccessible to legitimate web requests.
"It's a weapon that is waiting for someone to pull the trigger," he said.
The new tool infects computers running Microsoft Corp.'s SQL Server database software which have not been configured to change the blank password used by default, Levy said.
Once a computer has been infected, it automatically logs onto an instant relay chat (IRC) channel, through which people can converse in real-time on the internet, and waits for commands, he said.
Levy recommends that computer systems managers change the default passwords on machines running SQL Server and put the server behind firewall software to block unauthorised access.
- Reuters
|
News
