The Washington Post
Print Edition | Subscribe | PostPoints
SEARCH:
washingtonpost.com
Web
| Search Archives
Sign Up: Free Daily Tech E-letter  
Technology Home
Washtech
Tech Policy
   -Copyright
   -Cybercrime
   -E-Taxes
   -FCC
   -ICANN
   -Security
Government IT
Markets
Columnists
Personal Tech
Special Reports
Jobs

Advertisement
Company Postings
Get Quotes
Press Releases
Tech Almanac
Page 2 of 2    < Back   

'Sasser' Worm Tip of the PC Bug Invasion

Advertisement
_____Related Coverage_____
How to Remove the 'Sasser' Worm (washingtonpost.com, May 11, 2004)
Is Your Computer Infected With Phatbot? (washingtonpost.com, Mar 17, 2004)
_____Cyber-Security_____
Attack Knocks Major Web Sites Offline (The Washington Post, Jun 16, 2004)
Attack Blocks Access to Popular Web Sites (washingtonpost.com, Jun 15, 2004)
Free Desktop Firewalls Do Help, Expert Says (The Washington Post, Jun 10, 2004)
More Security News
___Tech Policy/Security E-letter___
Written by washingtonpost.com's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week.
Click Here for Free Sign-up
Read E-letter Archive


E-Mail This Article
Print This Article
Permission to Republish

Ken Dunham, malicious code manager for Reston, Va.-based iDefense, said Phatbot and Agobot can be some of the toughest bugs to detect and remove from PCs.

"Phatbot and Agobot silently creep along the Internet at a constant and aggressive rate, but tend not to get much attention from the antivirus companies," Dunham said. "In reality, they are among the most prolific and dangerous threats out there."

New versions of Phatbot and Agobot infected hundreds of thousands of computers in March, according to experts at cybersecurity firms F-Secure and LURHQ. The attack prompted the Department of Homeland Security's cybersecurity division to alert the computer security community because of its ability to elude easy identification and removal.

At the University of North Texas in Denton, nearly each of the 50 administrative computers infected with Sasser also harbored the latest version of Agobot, said Rich Anderson, the school's senior information security analyst.

Three days before the Sasser worm surfaced the school quarantined about 400 computers that had been infected with the latest version of Agobot, Anderson said.

Mario Rajan, co-owner of Tek Helper, a computer repair company in Chevy Chase, Md., said that about 15 of the 20 Sasser-infected computers he serviced also contained Phatbot worms. "The thing is that the user doesn't realize they have tons of viruses on their computers until Sasser shuts them down."

Mikko Hypponen, director of antivirus research at F-Secure Corp., in Finland, said that sometimes it is easier to reinstall the entire operating system than try to search around for dozens of bugs that might be hiding in the computer.

In general, security companies recommend that computer users frequently update their antivirus software, run firewall programs and download patches for security holes that software companies discover (see washingtonpost.com's guide to removing the Sasser worm and getting rid of "bot" programs for more information and links).

< Back    1 2
Print This Article


TechNews.com Home

© 2004 Washingtonpost.Newsweek Interactive

Company Postings: Quick Quotes | Tech Almanac
About TechNews.com | Advertising | Contact TechNews.com | Privacy
My Profile | Rights & Permissions | Subscribe to print edition | Syndication