Worm Strikes Hundreds of Thousands of Computers

Discussion in 'Current Events' started by MacNut, May 3, 2004.

  1. macrumors Core

    MacNut

    #1
    Worm Strikes Hundreds of Thousands of Computers
    By Brett Young, Reuters

    HELSINKI (May 3) -- The fast-spreading ''Sasser'' computer worm has infected hundreds of thousands of PCs globally and the number could soon rise sharply, a top computer security official said on Monday.

    ''If you take a normal Windows PC and connect to the Internet, you will be infected in 10 minutes (without protection),'' Mikko Hypponen, Anti-Virus Research Director at Finnish data security firm F-Secure, told Reuters.

    ''It seems to be gradually getting worse, but it could jump as the United States wakes up,'' he said.

    F-Secure says the worm, which surfaced at the weekend, automatically spreads via the Internet to computers using the Microsoft Windows operating system, especially Windows 2000 and XP.

    The spread of the virus had been muted so far, Hypponen said, as it emerged on a weekend, and holidays closed offices in places like the United Kingdom and Japan on Monday. But the spread was expected to worsen as the working week hits its stride.

    ''We have already seen three versions of Sasser during the weekend, and we could see more today,'' Hypponen said, adding he believes the worm originated in Russia.

    Finnish bancassurer Sampo temporarily closed all of its branch offices, some 130 in all, on Monday as a precaution against Sasser.

    In Australia, Westpac Bank said it was hit by the worm, and branches had to use pen and paper to allow them to keep trading, The Australian newspaper reported.

    Delta Air Lines suffered a computer glitch on Saturday that caused delays and cancellations of certain flights across its system, but a spokesman said there was no information yet as to the cause.

    ''With Sasser it seems that companies are (using software) patches better and more quickly than last year (with virus ''Blaster''), but for those that are hit, they are hit hard,'' Hypponen said.

    Blaster infected computers around the globe last year.

    NO NEED TO CLICK

    The current worm does not need to be activated by double-clicking on an attachment, and can strike even if no one is using the PC at the time. When a machine is infected, error messages may appear and the computer may reboot repeatedly.

    ''Compared to what happened with Blaster ... last August ... this virus has all the same features,'' Hypponen said, noting that both worms exploited relatively new holes in Windows and frequently caused computers to reboot.

    Microsoft said Blaster cost it ''millions of dollars of damages,'' and has issued a $250,000 bounty for information on the whereabouts of its author.

    F-Secure said corporate networks should be protected against Sasser and its variants by firewalls -- Internet road blocks that separate internal from public networks.

    F-Secure said the worm emerged 18 days after Microsoft posted a corrective-code software patch on its Web site. This continues a common pattern with viruses whereby firms announce flaws in their software and hackers race to exploit them.

    For home computer users, people should make sure they have downloaded the patch from Microsoft to fix the breach. If their computer is infected, must first be downloaded before the virus is removed or else the PC could catch the worm again.

    Hypponen said he was not sure there was a better way for firms to alert users to software problems.

    ''There are always going to be security holes in mainstream products,'' he said. ''Even if these are not made public, the bad boys will find out about them anyway.''
     
  2. macrumors 68000

    baby duck monge

    #2
    wow. that is pretty hardcore. a number of people have been hit by some virus in the past week at my school - a good friend of mine seems to be among them. the symptoms his computer was showing sound a lot like the ones listed here (what with the restarting and the errors and all). we could not figure it out (and he could not update virus definitions), so he spent the morning wiping his HD and starting over with everything. at least he had good backups. oh well, he needed to do it anyway, the system was getting wonky. :eek:
     
  3. macrumors member

    jaesk8er

    #3
    That sucks but...

    One more reason I am a very happy owner of a few MAC's
    :rolleyes:
     
  4. macrumors regular

    #4
    Luckily, hasn't hit my school yet.

    Thankfully, our campus has incoming connections locked down...For once, I'm actually glad that the campus ISP does this.
     
  5. macrumors regular

    #5
    apparently our school's computers (the pcs anyway) caught a virus and so for the whole computer lesson we copied notes... :) :mad:
     
  6. macrumors regular

    PickledSquirrel

    #6
    Makes me appreciate my mac even more....
    In the words of Rincewind the wizzard: It could have been worse. It could have been me.
     
  7. macrumors 603

    #7
    The one thing that seems to happen with every recent major virus outbreak is the either the inability to get online, or the inability to check my mail. So far, since Sasser has been set loose, neither has happened....(waiting)

    Comic relief:
    WTH? I just got disconnected... oh, right, I have my connection set to terminate after 4 minutes of inactivity.



    Mac, not MAC...or, given its plural form: Macs, not MAC's.
     
  8. macrumors 68000

    wPod

    #8
    ah. . . how nice it is to use a mac.
     
  9. macrumors 601

    virividox

    #9
    most of the schools netowrk is down. but im still fine :)
     
  10. macrumors 6502a

    #10
    We have a pretty irritating firewall on our campus: apparently its function is to prevent users from doing many things they could want because we saw this virus cripple many computers yesterday.

    Luckily our lab is nearly completely mac so the secretary was busy worrying about the virus while the rest of us got some work done! :D
     
  11. macrumors regular

    #11
    you know what id like to do when they track the guy who sent the virus to begin with. i want to use my Mac right in front of him and about every 94-99 seconds do my condescending voice and go "ha ha ha ha ha ha, game over, try again". however, i might also want to cut off both of his opposable thumbs because the computers we use at work are windows based and i might have to give him a nice schalacking.
     
  12. macrumors regular

    #12
    i am virus free and proud to be
     
  13. macrumors regular

    #13
    Every single PC at my Highschool is infected, and its next to impossible to get any work done. We have to do a weather thing on the computers in Earth Sciences, and its pretty much impossible. Its sooo annoying. But, thankfully, we also have some macs in other rooms, so my life remains good :p
     
  14. macrumors 6502a

    Sparky's

    #14
    So, pay attention to King Cobra, it's Mac, not mac.

    Anyway has anyone or does anyone know how to rid your system of it? I have 3 PCs (that's PC not pc) connected on my LAN, and all are running Win 2K. I have'nt seen any signs yet but would like to know what to do in case.
     
  15. Moderator emeritus

    #15
    Wasn't the last one fixed by downloading the fix using a Macintosh and then, transferring the fix to the affected PCs? At least one has been able to be handled that way.
     
  16. macrumors 68000

    Mav451

    #16
    They released a patch for this approximately a few weeks ago.

    Of course, no one ever updates, just like in the RPC case, and people are screwed over, again.

    It is with a certain irony that M$ has managed everytime to get patches out for these BEFORE they hit (sometimes several weeks like with RPC and Blaster last summer), and yet the viruses still strike well anyway (e.g. corporate offices).
     
  17. macrumors regular

    #17
    I will personally kill the first person that will make a virus for macs. THis is one of the many things I am greatful for using apple.
     
  18. macrumors 6502a

    Rincewind42

    #18
    Yea, it was me today. Two machines that are running a simulator at that I work on contracted the damn virus and so I spent 2 hours getting nothing done. I get to clean up the mess tomorrow. All I have to say is that I'm damn glad that when I get home I don't have to deal with crap like this.
     
  19. macrumors 65816

    #19
    That's how I fixed the two PCs my Philistine relatives use here at my house.
     
  20. macrumors 601

    stoid

    #20
    Well, this would certainly explain all the weird behavior of the school E-mail server. :rolleyes:
     
  21. Moderator emeritus

    #21
    It looks as though BellSouth's e-mail server has been hit as well. Nice to know that an ISP is right up there. :rolleyes:
     
  22. Administrator

    Doctor Q

    Staff Member

    #22
    It is interesting that Sasser affects Windows XP and Windows 2000 but not Windows 2003 Server (nor Windows 3.n, Windows 95, Windows 98, Windows Me, or Windows NT).
     
  23. macrumors 65816

    Dippo

    #23
    That's good news since I am running Windows 2003 Server, but it is odd.

    Of course I hope I updated my Windows 2000 machine at home.....I guess I will find out when I get back home this weekend :(
     
  24. macrumors 65816

    voicegy

    #24
    We took the proactive step in my district's IT department and heeded the call weeks ago to apply the patching. Imagine - a school district IT Department being proactive! Will we get kudo's? Will we be thanked? Will people notice? Nope...only if the you-know-what hits the fan - only THEN do we hear about it! *sigh* :(
     
  25. macrumors 65816

    Dippo

    #25
    And they just keep on coming...

    Sasser keeps squirming into homes, businesses

     

Share This Page