Internet vandals have continued to modify the recent Slapper worm and have sent at least four new variants of the hostile Linux program into the electronic wilds.
The newest variant, dubbed "Mighty," exploits the same Linux Web server flaw that other versions of the Slapper worm have used to slice through the security on vulnerable servers. Russian antivirus company Kaspersky Labs said in a release Friday that more than 1,600 servers had been infected by this latest variant as of Friday morning and are now controlled by the worm via special channels on the Internet relay chat system.
"In this way, 'Mighty' is able to leak out confidential information, corrupt important data, and also use infected machines to conduct distributed (denial of service) attacks and other nasty activities," Kaspersky Labs said in the advisory
Because the worm deposits its source code on any system that it infects, security researchers expect more modified versions of the virus to appear. "People are doing a lot of variants," said Marc Maiffret, chief hacking officer for network protection firm eEye Digital Security. "No one has found any good way to handle these worms."
As long as there are servers whose administrators don't care enough or don't know enough to patch the security holes, such worms will continue to spread, Maiffret said.
View: The full story
News source: ZDNet