Worm Highlights Threat Posed by Virus Tool Kits

By Jaikumar Vijayan, Computerworld |  Security

The ready availability of virus-generating tool kits will continue to make it relatively easy for even amateur crackers to write worms such as the recent Anna Kournikova virus, analysts and users warned.


According to a recent IDC survey of 1,000 corporations:

Viruses are the most common form of security problem for corporations.

90% of the respondents said they had been hit by a virus.

Antivirus software is the most commonly used security technology.

But since many of these kits rely on previously used methods for creating and propagating viruses, damage can be minimized if corporations take basic precautions, they said.

The Anna worm was allegedly created by a 20-year-old Dutchman who calls himself "OnTheFly." He turned himself in soon after to police in the Netherlands. Analysts believe he used an easily available virus-generation tool kit called the VBS Worm Generator to write the worm. Such kits, written by hackers, are usually available for free download over the Internet.

Though that particular kit has since been pulled from the Internet by its Buenos Aires-based developer, analysts said there are literally scores of similar ones that can be used by would-be crackers to easily write similar worms.

The kits go by names such as Instant Virus Production Kit, Satanic Brain Virus Tools, The Trojan Horse Construction Kit and The Virus Factory.

Many come with easy-to-use interfaces and pop-up help files that walk would-be crackers through the process of creating a virus -- from choosing a name for it through choosing a way to spread it.

Some tool kits, including the one used to create the Anna worm, let users choose from a variety of payloads that range from self-replication to attempting to crash networks.

"It's all very menu-driven and easy to use. . . . It is just a question of a click here and a click there," said Roger Thompson, an analyst at Reston, Va., security firm TruSecure Corp.

"The guy who launched the Anna virus didn't even have to change many of the default options [to get the worm to work]," he said.

"You are talking about giving something that can create a lot of damage to just about anyone in the world with access to the Internet," said Ira Winkler, president of the Internet Security Advisors Group.

What make some virus-generation kits particularly dangerous is that they allow even amateur crackers to add variations that can sometimes help them slip through antivirus defenses, Winkler added.

The Anna virus, for instance, was able to break through many antivirus barriers because it used an encryption feature available in the tool kit, analysts said.

Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question