Skip to main content
The Web    CNN.com      Powered by
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
SERVICES
 
 
 
 
 
 
 
SEARCH
Web CNN.com
powered by Yahoo!
Technology

New virus masquerades as news headlines


YOUR E-MAIL ALERTS
Computer Security

(CNN) -- Researchers have identified a new computer virus that masquerades as news headlines from CNN's Web site.

Sophos, an anti-virus firm, says the virus -- identified as Crowt-A -- pulls headlines, subject lines and other content from CNN.com. Once opened, the virus can then scan the user's address book and try to email itself to those users.

The virus' subject line and attachment share the same name, Sophos researchers say, but change continually to match headlines from CNN.com's home page.

"Virus writers are always looking for new tricks to entice innocent computer users into running their malicious code," Carole Theriault, security consultant at Sophos, said in a statement. "This latest ploy feeds on people's desire for the latest news."

Although the number of PCs possibly infected was not immediately known, Sophos said there has been only a small number of sightings.

In addition to emailing itself to other users, the virus also installs a "backdoor Trojan function," according to Sophos. This function can pick up and send data such as keystrokes to a remote user -- a practice sometimes used by hackers to obtain sensitive information such as passwords.

Last May, a fast-spreading computer "worm" known as Sasser wreaked havoc on computer users worldwide, affecting several businesses, banks and government offices.

Users of the Windows operating systems reported sluggish machines and computers that quit or rebooted for no reason.

Anti-virus companies estimate that more than 1 million PCs were infected.

While a computer virus requires some sort of human intervention to be launched, such as opening an e-mail, a worm takes off on its own. Sasser spread through a Windows vulnerability known as LSASS, or Local Security Authority Subsystem Service -- hence the name Sasser.

Sasser would scan random Internet protocol addresses until it found a vulnerable system. Then it would copy itself into the Windows directory as an executable file, and would launch the next time the computer is booted. All that searching for a new "victim" would slow things down across the Internet.


Story Tools
Subscribe to Time for $1.99 cover
Top Stories
Burgers, lattes and CD burners
Top Stories
CNN/Money: Security alert issued for 40 million credit cards
Search JobsMORE OPTIONS


 

International Edition
CNN TV CNN International Headline News Transcripts Advertise With Us About Us
SEARCH
   The Web    CNN.com     
Powered by
© 2005 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser.
CNN.com does not endorse external sites.
 Premium content icon Denotes premium content.
Add RSS headlines.