The creators of a recent computer worm compromising networks around the world used easily accessible resources to create the virus, according to experts from various computer security companies who examined the virus widely known as Homepage.
Allegedly written in the Netherlands by three Dutch teenagers who claimed responsibility for the so-called “VBSWG.X” visual basic script, the e-mail containing the virus first spread among corporate networks of Great Britain, Asia and Australia last Wednesday.
While it was infecting hundreds of thousands of computers in Europe during its first day of circulation, the U.S. networks were not as badly affected due to timely virus alerts. However, according to some experts, the new virus has not yet reached its peak of proliferation.
Using an anonymous e-mail service to claim responsibility for the virus, the teenagers said they intended to boost Web page hits at four pornography sites, one of which automatically opens after an unaware computer user clicks on the attachment of the infected e-mail. The message reads: “Hi! You’ve got to see this page! It’s really cool ;O).”
The virus appears to be a slight modification of the Anna Kournikova worm, which clogged computer networks in February, said Ken Dunham of Internet security firm AtomicTangerine, according to Wired.com.
The creators of the Homepage virus used a popular virus writing kit posted on the Web.
“Since the Love Bug, we have seen high-profile infection by the likes of Anna Kournikova,” Graham Cluley, senior technology consultant at Sophos, told Wired magazine.
Once launched, the Homepage attachment uses Microsoft Outlook software to e-mail itself to the addresses contained in the computer user’s database, Sophos experts concluded.
The teenagers claiming responsibility for the virus said they wanted to introduce people to the “joys of being bad on the Net” and would not disclose their ties to the pornographic sites.
The 20-year-old Dutch creator of the Kournikova bug claimed earlier this year that he had no intention of harming computer users and network professionals. “It’s [the people’s] fault they got infected with the Anna Kournikova virus, OnTheFly virus or whatever they call it,” the author said, according to F-Secure Corporation.
“Nowadays, twelve-year-olds can download a worm generator tool and point and click [their] way to a devastating worm,” Dave Kroll, director of security research for Finjan Software, told SC Magazine.
Anti-viral software developers say companies pay little attention to teaching their employees to analyze in-box content before opening their e-mails. Many users still open suspicious files either as part of their work or simply as they exchange joke files.
Fast-spreading e-mail worms hogging bandwidth and viruses causing data loss are the two “most devastating” computer threats known to date, wrote Gregory Olson, director of data recovery services for Ontrack Data International, in SC Magazine.
Experts suggested user awareness and balanced security services may prohibit computer networks from falling victim to malicious viruses like Homepage and Anna Kournikova.
However, as new viruses are written and exchanged, software companies are often caught one step behind virus creators because the infected files spread faster than e-mail alerts. For example, Sophos plans to include Homepage virus detection scripts in its software by June, but thousands of computers have already been infected.
Alex Smirnov is BCE’s research assistant.
