This article is more than 1 year old
SubSeven variant rears its ugly head
Baby, I'm your backdoor man
Eight hundred PCs have been found to be infected with a variant of the SubSeven backdoor, SubSeven DEFCON 8 2.1.
Internet Security Systems X-Force has issued a security alert.
The SubSeven variant only affects Windows 95 and 98 and most of the computers infected to date appear to be home computers on high-speed cable modem or DSL connections.
The original SubSeven made infected systems extremely vulnerable to attack: An attacker could shut down and restart an infected computer, access saved and cached passwords and so on. Recent versions allow an attacker complete access to your machine, or at least as much control as would be had locally. This new version works in essentially the same way.
It has been distributed in newsgroups in files with unlikely sounding names, like sexxxymovie.mpeg.exe, according to Internet Security Systems X-Force. ISS X-Force says that the network of compromised hosts is being used to trial new denial of service attack delivery methods.
For details of how to handle the infection, users should go to the ISS X-Force site here. More details on the original version of the virus can be found here. ®
Biting the hand that feeds IT
