"There is no panic. It hasn't been out there long enough, and we don't anticipate it's going to be a problem for our customers," said Darren Kessner, a senior virus researcher at Symantec's antivirus research center.

When BO2K, as the program is also known, was released last Saturday, Symantec put a team of engineers and others to analyze the virus. They developed a fix by Sunday morning. Competitors such as Network Associates and smaller players such as Moosoft Development also responded quickly with antidotes to the BO2K, which are available at each company's Website.

Danger still looms

While there are a range of preventable options and fixes in place, BO2K can pose a serious threat if undetected. The program is usually distributed as an attachment via e-mail. The attachment could be named something innocuous such as joke.exe. But when executed, BO2K turns control of the desktop system over to a remote user who can view, delete, or change files.

BO2K was released last Saturday at the DefCon VII computer show in Las Vegas. Because the source code for BO2K was released publicly, security experts are also concerned more pernicious variations of the virus may inevitably be developed.

MORE COMPUTING INTELLIGENCE

IDG.net home page

PC World home page

FileWorld find free software fast

Make your PC work harder with these tips

Reviews & in-depth info at IDG.net

IDG.net's desktop PC page

IDG.net's portable PC page

IDG.net's Windows software page

IDG.net's personal news page

Year 2000 World

Questions about computers? Let IDG.net's editors help you

Subscribe to IDG.net's free daily newsletter for computer geniuses (& newbies)

Search IDG.net in 12 languages

News Radio

Fusion audio primers

Computerworld Minute

Windows NT has earned a reputation for being more secure than Microsoft's other desktop operating systems, Win 95 and 98, but is still vulnerable--as are most, if not all operating systems--to Trojan horses.

"Back Orifice 2000 is not technically a virus because it does not self-replicate or propagate," said a Network Associates advisory.

The company's antivirus emergency response team rates BO2K as a "medium" threat due to its destructive qualities, wide exposure and availability, balanced by relatively few outbreaks at customer sites and widespread advance notice of BO2K.

Protect yourself

"The most important thing users can do is to not to run attachments you aren't sure about," said Symantec's Kessner.

BO2K is "something very standard, that we've dealt with for a long time," adds Kessner. "It's no greater threat than earlier Trojan horses."

Most antivirus vendors also offer 30-day free trial versions of their software from their Website for download. The Network Associates site will also scan your system for BO2K.

But probably the most inexpensive full-blown solution comes from Moosoft, which specializes in solutions to Trojan horse programs. Moosoft's The Cleaner, Version 2.1, is available for download at $19.95, and scans for and eliminates BO2K files. The company also offers a 30-day free trial.

Moosoft has identified 128 Trojan horse programs handled by The Cleaner, and claims the fastest scan engine in the industry, according to company spokesman Robert Dyke. The Cleaner scans files, drives or directories as specified by the user, though it does not operate in the background to automatically check as the more expensive programs from Symantec and Network Associates do.

PC lock-down

Another line of defense against BO2K is ZoneAlarm, from Zone Labs, which the company released Tuesday as a free adjunct to antivirus software for Win 95, 98, NT and 2000. ZoneAlarm prompts users for permission any time a program coming from the Internet tries to install itself on the user's PC.

Another feature called Internet Lock prevents all applications from sending or receiving data unless authorized by the user. ZoneAlarm also includes an Automatic Lock feature that secures the PC anytime a screen saver is activated or after a specified period of inactivity.

"While firewalls, antivirus programs, and intrusion-detection applications provide a high level of security for connected PCs, they cannot prevent a rogue program that slips by these defenses from stealing information and transmitting it over the Internet," said Zone Labs President Gregor Freund. "The ZoneAlarm Internet security utility provides an additional and crucial level of security by letting users control and monitor Internet access on a per-application basis in real time."

SPECIAL:

Insurgency on the Internet

RELATED STORIES:

New and improved Back Orifice targets Windows NT
July 7, 1999
FBI on offensive in 'cyber war,' raiding hackers' homes
June 24, 1999

RELATED IDG.net STORIES:

Hack-a-thon demos the latest chaos
(PC World Online)
Companies brace for Trojan Horse
(PC World Online)
Hacker tool targets Windows NT
(PC World Online)
Hackers gather in Vegas
(PC World Online)
Hacker group tries to convince world its Back Orifice tool is legit
(Network World Fusion)
BackOrifice 2000 released with great fanfare at DefCon
(InfoWorld Electric)
Remedies online for Back Orifice 2000
(IDG.net)

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

RELATED SITES:

Symantec Antivirus Research Center
Norton Antivirus
Network Associates
Moosoft Development
Zone Labs

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

LATEST HEADLINES:

Back to the top