CERT/CC, a US based group responsible for alerting the Internet community to security threats, has today warned that an increase in network share-based attacks may be paving the way for a distributed denial of service (DDoS) attack. “Using these [network share based] techniques, many attackers have built sizeable networks of DDoS agents, each comprised of thousands of compromised systems,” the advisory said. The attacks have consisted of both manual and self-propagating worm style assaults. One worm to have used the technique is Deloder, which first began spreading over the weekend. Although it barely popped up on the corporate radar as a direct threat, its success in compromising home user systems has been widespread. The worm uses poorly protected Windows network shares to compromise the targeted system, and then installs two Trojans. It’s the IRC “bot” Trojan that should be of serious concern to the online community, according to Matthew McGlashan, a security analyst with the University of Queensland’s AusCERT security organisation. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.