[virusinfo] RED ALERT: Other hackers pick up where the Sasser a uthor left off: variant F appears - 05/11/04]

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Tue, 11 May 2004 10:16:50 -0700

From; Panda Virus Alerts:

- Other hackers pick up where the Sasser author 
                   left off: variant F appears  -
   Virus Alerts, by Panda Software (http://www.pandasoftware.com)

Madrid, May 11 2004 - PandaLabs has detected the appearance of the new
Sasser.F worm. This variant is very similar to the original worm, as it only
includes a few small differences, such as the format in which it is packed.

The date that Sasser.F was created appears as April 30, the same day the
first Sasser worm emerged. "It seems that an inexperienced hacker has
created Sasser.F by slightly modifying the code of the original worm.
Another possibility is that the author of Sasser did not work alone, and
that another person is releasing these previously created variants. However,
studying the evolution of Sasser, the fact that variant F does not include
any new features confirms that it is the work of a different person," says
Luis Corrons, head of PandaLabs.

It is highly probable that new variants of Sasser and Cycle, or new viruses
that exploit the LSASS vulnerability will appear. "In order to avoid falling
victim to these viruses, the first thing users must do is install the
patches released by Microsoft to fix the LSASS vulnerability. Given that a
large number of viruses that exploit this flaw are in circulation -and that
more could appear - computers are extremely vulnerable to infection,"
explains Corrons.

In order to avoid falling victim to Sasser.F or any of its variants, Panda
Software advises users to take precautions, keep their antivirus software
updated and to apply the Microsoft patch, -which can be downloaded from
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx- as
computer will continue to be infected by this virus until the vulnerability
has been fixed. Panda Software has made the updates necessary to detect and
disinfect this new worm available to clients.

More information about these and other IT threats is available from:
http://www.pandasoftware.com/virus_info/encyclopedia/

Panda Software's online support center also offers help to users at:
http://www.pandasoftware.com/support/

Panda Software clients can update their antivirus through the applications
installed on their computers.

Users can also scan and disinfect their computers using Panda ActiveScan,
the free, online scanner available from: http://www.pandasoftware.com.

NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] RED ALERT: Other hackers pick up where the Sasser a uthor left off: variant F appears - 05/11/04]

1. Home
2. virusinfo
3. Archive
4. 05-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---