Net virus 'fizzes' across Asia, U.S.

Advertisement (Why?)

LONDON, England (Reuters) -- A new computer virus, the "Fizzer" worm, spread rapidly across the Internet on Monday, infecting computer users in Asia, Europe and the United States, anti-virus officials said.

Businesses in Asia were the first to report the attack. By mid-day in Europe, tens of thousands of computer users had been hit, with more cases expected in North America as the business day wears on.

UK-based virus detection firm MessageLabs recorded 17,765 cases in 24 hours to 1530 GMT. "We've upgraded it to high-risk just for the fact that we've seen so many in the last day," said Mark Toshack, a virus analyst at MessageLabs.

The worm, which carries random subject lines, disables computer users' anti-virus and firewall software, but is otherwise not a threat to users' personal files. The biggest headache was the extra traffic it generated, bogging down corporate networks.

News source: CNN

Update: Thanks Michel who commented that full details on this worm can be viewed here

The AutoShutdown program lets you suspend, hibernate, or shut down your computer after a specified period of time. In addition to saving resources, this program keeps your system more secure by making it unavailable to unauthorized people.

The CD AutoRun is an extension of Windows' CD and DVD autorun features, giving you additional options for starting programs or listening to music. The Virtual Desktop program lets you run as many as four custom-designed desktop configurations simultaneously, allowing you to tailor your computer screen to your mood and your work requirements.

TweakNow PowerPack's System Info gives you a complete picture of all aspects of your computer's hardware, including detailed information about your motherboard, processor, video card, memory, hard disk, and network. Armed with this information, it's easy to install new hardware and software, and quickly identify and fix system problems.

Whether you're a business person who needs to ensure that your computer is stable and reliable, a serious game player who wants to optimize your computer for the latest games' demands on computer resources, or a home user who wants to personalize the look and feel of Windows and Internet Explorer, TweakNow PowerPack 2003 Professional provides the tools you need to modify your computer safely.

(2 replies) #1 danbalsh on 12 May 2003 - 22:20

OT: What the hell is that picture all about?

#1.1 Solarix on 13 May 2003 - 02:19

ya wtf is that lol a patch panel

#1.2 btallack on 13 May 2003 - 03:00

[QUOTE]The biggest headache was the extra traffic it generated, bogging down corporate networks. [/QUOTE] It's a dude with his network server methinks.

(2 replies) #2 Michel on 12 May 2003 - 22:26

Everyone who think this worm is 'just another mass mailer' using bandwith should pay attention to these details. Fizzer contains: [B]Keylogger [/B] The worm captures typed keystrokes and stores them in a encrypted file named iservc.klg within the Windows directory. [B]HTTP server [/B] The worm runs an HTTP server on port 81. The webserver acts as a command-console, displaying information about the infected system (System time, connection information, OS version, IRC and AIM information). It also allows an attacker to kick-off certain functions, such as a Denial of Service attack, mail propagation, AOL/IRC bot commands, and anti-virus software termination). [B]Remote access server [/B] The worm creates a remote access server by listening on ports 2018, 2019, 2020, and 2021. Full details [URL=http://vil.nai.com/vil/content/v_100295.htm]here[/URL]

#2.1 dduardo on 12 May 2003 - 22:30

Thanks for the info. 5. KaZaa worm I knew it. The RIAA is behind it all

#2.2 Huezo on 12 May 2003 - 22:37

[neoquote=#2.1 by dduardo]I knew it. The RIAA is behind it all[/neoquote] That is so true... Damn the RIAA and the MPAA... They are obsolete, they are not needed... Why cant they just accept the truth and fade away along with their Communism?

#3 gameguy34 on 12 May 2003 - 22:42

someone took some time making this one... the RIAA is not behind this, i'm sure. it just uses the kazaa network, doesn't delete any files.

(6 replies) #4 insurgent on 12 May 2003 - 22:49

Hmm...another Windows worm. Go figure.

#4.1 Fanon on 12 May 2003 - 23:19

And if any other OS was the dominant OS, the worm would most likely be for that OS.

#4.2 gameguy34 on 12 May 2003 - 23:26

hmm...another anti-microsoft zealot. go figure.

#4.3 insurgent on 12 May 2003 - 23:31

Uh-huh...why kick in a door when you can go through an open Window, right? (pun intended) :p

#4.4 kal-ky on 13 May 2003 - 10:47

[neoquote=#4.1 by Fanon]And if any other OS was the dominant OS, the worm would most likely be for that OS.[/neoquote] But the effects would be a lot less. Or you must be running the system as root. Which is a dumb thing to do in the first place.

#4.5 JaggedFlame on 13 May 2003 - 12:08

[neoquote=#4.4 by kal-ky]But the effects would be a lot less. Or you must be running the system as root. Which is a dumb thing to do in the first place.[/neoquote] And you've never heard of privilege elevation vulnerabilities, eh? I'd like to see this "evidence" that the effects would be a lot less. I somehow doubt that, especially when you're talking skilled hackers.

#4.6 macrosslover on 14 May 2003 - 06:06

[neoquote=#4.4 by kal-ky]But the effects would be a lot less. Or you must be running the system as root. Which is a dumb thing to do in the first place.[/neoquote] all it takes is 1 fool with internet access. admittedly most of the viruses take advantage of some windows specific or MS software code and files, however if it's some kind of universal code in an email that can be run regardless of OS, then it only takes 1 fool to connect to the internet and spread it unwittingly. i imagine the "other" people don't have much virus protection software because they think they don't need it. to some extent this is true, to some it's not for the reasons stated above.

(1 reply) #5 longwilli on 12 May 2003 - 22:57

it goes without saying i do it all the time, check the size of the file you are downloading if its about right (normally between 3-7mg) then go ahead if its somthing like 23kb then its bound not to be.

#5.1 dduardo on 12 May 2003 - 23:32

Thats generally true, but sometimes viruses are attached to real files that are 3-7mg

#6 cesardrgn on 13 May 2003 - 02:57

Is movies fast you guys, and it got no breaks...

(2 replies) #7 Mr. Black on 13 May 2003 - 04:24

Too many viruses these days...can't ppl find something better to do with their talent than be destructive?

#7.1 gameguy34 on 13 May 2003 - 04:32

yes, what's the point? "oooo, i am uber 1337! i took down a bunch of servers! i have 1337 skilz!" who gives a sh*t? is it cool to damage things and get away with it? or do these people want to go to jail?

#7.2 nookadum on 13 May 2003 - 09:21

Well they DID prove that they are better since we ourselves can't make a virus, nor an anti-virus to stop it. We have to rely on Symantec or any other anti-virus solution to stop it... Makes you wonder... what if it was actually the ANTI-VIRUS MAKERS who are making the viruses so they get more moolah? Hmm...? Hmm???

#8 pruit on 13 May 2003 - 04:58

i think norton aniti virus has been update this virus into their virus lists now because i got it update today

#9 Furet on 13 May 2003 - 08:56

If it's only on Kazaa, that's cool...I do not want it on emule

Anyway, whoever done this worm is, like the others, stupid and useless...RIAA and others should better take care of this kind of ppl than breaking our b*lls...

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Neowin.net