New computer worms attacks US computer networks
( 2001-08-06 10:48 ) (7 )

Government and Internet security experts warned computer users late on Sunday to beware of at least two mutant variations of the "Code Red" computer virus that had been discovered attacking US computer networks.

"We are aware of at least two variants of the computer worm making their way now," Debbie Weierman, a spokeswoman for the FBI' National Infrastructure Protection Center, told reporters.

The virus is classified as a worm, which disrupts the memory capacity of the server computers that pass data along on the Internet. It had first been discovered late last week, Weierman said, while refusing to provide any details.

"We are currently assessing the situation," Weierman said.

But the Symantec AntiVirus Research Center, a private Internet security group, identified the virus as "Code Red.C."

It said it was first discovered Saturday and is deemed to be a variant of the original "Code Red" virus that caused a worldwide alert last month, although much of the widespread disruption of the Internet attributed to it was in fact due to a train wreck in Baltimore.

The new variant was identified by UNIRAS, part of the British government's centre for co-ordinating efforts to defend Britain's computing infrastructure from electronic attack, and the anti-virus software company Network Associates.

The new version does not deface web pages, as Code Red did, but gives the hacker "remote control" of the computers it infects by leaving a "Trojan Horse" in the system.

It spreads up to six times quicker, but its possible effects on the Internet are not yet known.

Instead of trying to infect any site across the Internet, it concentrates on spreading locally. It is difficult to detect and more complicated to remove than Code Red.

"This new threat is more dangerous than previous versions of Code Red though it is still unlikely to affect the whole Internet infrastructure in the short term," UNIRAS said.

"Localised segments of the Internet could be affected and performance degraded, and this might have serious consequences for communities of users affected.

"The installation of the Trojan code will allow unpredictable use to be made of the infected systems in future."

Symantec said it had received reports of "a high number" of Web servers infected.

"We are assessing "Code Red.C" to be a high threat," the center said in a statement.

Security experts have warned the Internet has inherent vulnerabilities which remain open for exploitation, despite the apparent failure of Code Red to cause widespread damage.

Global sales for computer anti-virus software totalled US$1.4 billion in 2000.