Miniver
May 4th, 2004, 12:22 AM
Sasser Worm Strikes PCs, Spurs Hoax 'Fix'
Full Story (http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=5021487)
By Brett Young and Spencer Swartz
HELSINKI/SAN FRANCISCO May 3 (Reuters) - A fast-spreading computer worm called "Sasser" hit personal computers around the world on Monday, causing infected systems to reboot without warning and disrupting banking and other business in one of the biggest virus-like attacks on the Internet since last summer.
The worm, which first struck over the weekend and is already on its fourth variant, exploits a flaw in Microsoft Corp.'s Windows operating system identified in mid-April, computer security experts said.
Unlike previous Internet worms, Sasser enters and infects vulnerable PCs without any action on the part of the user, allowing it to spread quickly, they said.
By Monday afternoon, computer security companies were also warning of a new twist on the virus: an email, claiming to be from an antivirus company with an attachment purporting to fix Sasser infections, that was actually a new form of the widespread, email-clogging Netsky virus.
Investment bank Goldman Sachs said its Asian and U.S. trading operations were back "at close to normal" by early afternoon on Monday after the worm disrupted some its systems by forcing computers to automatically reboot.
Lucas van Praag, a Goldman Sachs spokesman, declined to elaborate on the extent of the disruptions.
In Australia, Westpac Bank said it was hit by the worm, and branches had to use pen and paper to allow them to keep trading, The Australian newspaper reported.
U.S. carrier Delta Air Lines also suffered a computer glitch on Saturday that caused delays and cancellations of some flights in its system. The company's computer systems were back to normal Monday but the cause of the weekend problem is still being investigated, said Peggy Estes, a company spokeswoman.
Finnish financial company Sampo temporarily closed all of its 130 branch offices on Monday as a precaution. "Compared to what happened with Blaster ... last August ... this virus has all the same features," said Mikko Hypponen, Anti-Virus Research Director at Finnish data security firm F-Secure, noting that both worms exploited relatively new holes in Windows and frequently caused computers to reboot.
Full Story (http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=5021487)
Full Story (http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=5021487)
By Brett Young and Spencer Swartz
HELSINKI/SAN FRANCISCO May 3 (Reuters) - A fast-spreading computer worm called "Sasser" hit personal computers around the world on Monday, causing infected systems to reboot without warning and disrupting banking and other business in one of the biggest virus-like attacks on the Internet since last summer.
The worm, which first struck over the weekend and is already on its fourth variant, exploits a flaw in Microsoft Corp.'s Windows operating system identified in mid-April, computer security experts said.
Unlike previous Internet worms, Sasser enters and infects vulnerable PCs without any action on the part of the user, allowing it to spread quickly, they said.
By Monday afternoon, computer security companies were also warning of a new twist on the virus: an email, claiming to be from an antivirus company with an attachment purporting to fix Sasser infections, that was actually a new form of the widespread, email-clogging Netsky virus.
Investment bank Goldman Sachs said its Asian and U.S. trading operations were back "at close to normal" by early afternoon on Monday after the worm disrupted some its systems by forcing computers to automatically reboot.
Lucas van Praag, a Goldman Sachs spokesman, declined to elaborate on the extent of the disruptions.
In Australia, Westpac Bank said it was hit by the worm, and branches had to use pen and paper to allow them to keep trading, The Australian newspaper reported.
U.S. carrier Delta Air Lines also suffered a computer glitch on Saturday that caused delays and cancellations of some flights in its system. The company's computer systems were back to normal Monday but the cause of the weekend problem is still being investigated, said Peggy Estes, a company spokeswoman.
Finnish financial company Sampo temporarily closed all of its 130 branch offices on Monday as a precaution. "Compared to what happened with Blaster ... last August ... this virus has all the same features," said Mikko Hypponen, Anti-Virus Research Director at Finnish data security firm F-Secure, noting that both worms exploited relatively new holes in Windows and frequently caused computers to reboot.
Full Story (http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=5021487)