March 08, 2001, 2:34 PM — The ready availability of virus-generating tool kits will continue to make it relatively easy for even amateur crackers to write worms such as the recent Anna Kournikova virus, analysts and users warned.
But since many of these kits rely on previously used methods for creating and propagating viruses, damage can be minimized if corporations take basic precautions, they said.
The Anna worm was allegedly created by a 20-year-old Dutchman who calls himself "OnTheFly." He turned himself in soon after to police in the Netherlands. Analysts believe he used an easily available virus-generation tool kit called the VBS Worm Generator to write the worm. Such kits, written by hackers, are usually available for free download over the Internet.
Though that particular kit has since been pulled from the Internet by its Buenos Aires-based developer, analysts said there are literally scores of similar ones that can be used by would-be crackers to easily write similar worms.
The kits go by names such as Instant Virus Production Kit, Satanic Brain Virus Tools, The Trojan Horse Construction Kit and The Virus Factory.
Many come with easy-to-use interfaces and pop-up help files that walk would-be crackers through the process of creating a virus -- from choosing a name for it through choosing a way to spread it.
Some tool kits, including the one used to create the Anna worm, let users choose from a variety of payloads that range from self-replication to attempting to crash networks.
"It's all very menu-driven and easy to use. . . . It is just a question of a click here and a click there," said Roger Thompson, an analyst at Reston, Va., security firm TruSecure Corp.
"The guy who launched the Anna virus didn't even have to change many of the default options [to get the worm to work]," he said.
"You are talking about giving something that can create a lot of damage to just about anyone in the world with access to the Internet," said Ira Winkler, president of the Internet Security Advisors Group.
What make some virus-generation kits particularly dangerous is that they allow even amateur crackers to add variations that can sometimes help them slip through antivirus defenses, Winkler added.
The Anna virus, for instance, was able to break through many antivirus barriers because it used an encryption feature available in the tool kit, analysts said.