Internet under attack from worms and trojans

A new wave of virus attacks is expected to hit the Internet soon, according to Johannesburg-based Computer Associates Africa. They are warning of Trojan attacks of an "unprecedented scale", seemingly originating from the Far East, and utilising a three-pronged attack involving three Trojans- Glieder, Fantibag and Mitglieder. Together, these Trojans will perform a co-ordinated malware attack that is potentially devastating.

The Glieder opens backdoors that are exploited by the follow-on Trojans, CA said adding, " The apparent objective is to get to as many victims as fast as possible with a lightweight piece of malware." The Fantibag Trojan disables the security of infected systems, while the Mitglieder renders the systems defenseless and leaves them under the control of the hackers.

Meanwhile, SophosLabs are warning of the dangers of Mytob worms, which are currently estimated to account for more than half of the top twenty viruses reported to Sophos in the last 48 hours. This amounts to some 42.9% of all virus reports.

One of the most widespread variants - Mytob-CM - was first seen on Friday, 27 May. Like many of its family members, Mytob-CM spreads via email in an infected attachment. It purports to warn users of security or account issues in its subject line, such as *DETECTED* Online User Violation, Your Email Account is Suspended For Security Reasons and Account Alert.

Mytob-CM does a number of pretty nasty things, including turning off security applications and denying access to several security websites. It also installs a backdoor onto the computer, permitting unauthorized access and remote control of the machine.

As usual, we recommend patching your OS, installing a good anti-virus solution (and keeping it up to date!) and using a firewall.