[ISN] Symantec website under DDoS attack
InfoSec News
isn at c4i.org
Tue Jul 19 04:48:48 EDT 2005
http://software.silicon.com/malware/0,3800003100,39150478,00.htm
By Dan Ilett
18 July 2005
An email worm is recruiting computers for a coordinated attack on
antivirus vendor Symantec's website.
Since Friday, email filtering vendor MessageLabs has intercepted
13,717 copies of the worm, dubbed Breatel.A-mm, and has issued a
medium-level warning.
The worm travels as an email attachment, under the subject lines:
"Message could not be delivered", "Error", or "Mail Delivery System".
If the attached file is opened, the computer connects to a botnet - a
network of thousands of hacker-controlled computers used for illegal
activity - and begins to send data to the Symantec website in the hope
of crashing it.
According to antivirus company F-Secure, the worm attachment contains
a message to Symantec that says: "easy to talk but hard to work :)
what about working in symantec? :P it is not only a mass mail worm it
is also a lsass worm :)"
A Symantec spokesman said that the company's infrastructure was built
to withstand such attacks.
The first copy of the worm was sent from Northern Ireland, MessageLabs
said.
More information about the ISN
mailing list