BANKING TECHNOLOGY ADVISORY: Sasser Worm Strikes Thousands of PCs
Sasser Worm Strikes Thousands of PCs
by Patricia Schoepke, Webmaster, Bankers Information Network
A fast-spreading computer worm, believed to have originated in Russia and similar to last year's massive "Blaster", has struck hundreds of thousands of PCs globally this past weekend. At present, it is unclear how many computers are infected. The worm automatically spreads via the Internet to computers using the Microsoft Windows operating system, especially Windows 2000 and XP.
The worm is very insidious in that it is not activated by double-clicking on an attachment. It can strike even if no one is using the PC at the time. When a machine is infected, error messages may appear and the computer may reboot repeatedly.
In many respects, this worm is similar to Blaster, which infected computers around the globe. Microsoft said the Blaster virus cost it "millions of dollars of damages," and has issued a $250,000 bounty for information on the whereabouts of its author.
Are You Safe?
F-Secure said corporate networks should be protected against Sasser and its variants by firewalls -- Internet road blocks that separate internal from public networks. Home computer users should make sure they have downloaded a corrective-code software patch to fix the breach. If their computer is infected, the patch must first be downloaded before the virus is removed or else the PC could catch the worm again.
F-Secure said the worm emerged 18 days after Microsoft posted the software patch on its Web site. This continues a common pattern with viruses whereby companies announce flaws in their software and hackers race to exploit them.
For more information:
Symantec: Norton Anti-Virus
News Reports from:
CNN: Fast worm hits thousands of PCs
Reuters: Sasser Worm Strikes Hundreds of Thousands of PCs
MSNBC: Sasser Worm STrikes Computers Globally
CBS News: New Worm Hits Some Computers
First published on 08/14/2003