Transatlantic worm targets Linux

A new worm is spreading from the US to infect Linux web servers.

The Linux Slapper worm attacks Apache web servers using a hole in the Open secure sockets layer encryption module and has two functions. Antivirus experts are warning that the popularity of the Apache web server will make it a target for virus writers.

The worm links to other infected servers to form a peer-to-peer network for exchanging data and launching coordinated distributed denial of service (DDoS) attacks. It also allows backdoor access to servers for the worm's propagators.

Early reports from computer security firm ISS state that DDoS attacks linked to the worm have already begun.

Antivirus company Symantec said 3,500 servers have already been infected, although, so far, few cases have been reported in the UK. Network Associates and Sophos have also both reported low levels of infection on British servers.

But the potential of the worm is huge.

"We're seeing more and more viruses designed to go after Apache, although the vast majority are still targeting Windows software," said Natasha Staley, antivirus consultant for Sophos.

"Apache is more popular than Microsoft's software for this kind of application and we're expecting a lot more attacks on this type of software," she added.

The new worm is a variation of a known threat, the Apache 'Scalper' BSD worm.

See also:

Bug Watch: All quiet on the virus front?

Are major viruses on the way out?  13 Sep 2002

Top 20 viruses for July

Virus writers take a summer break  06 Aug 2002

Frethem worm heads for Europe

Antivirus firms issue strong warning  16 Jul 2002

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!