BKIS Network Security Center said that over 10,000 computers were infected, including many who have not yet eradicated this worm .
However, it seems that the psychology of 'after the rain is bright' and 'losing the cow is still not worrying about making a stable' is still deep, so many people, although frantic when infected, are easily forgotten. When some cyber security centers offer a way to 'cure' people breathe and forget the virus immediately, because every day people discover how many viruses on their computers.
But sometimes we still hear the news: ' A few hundred thousand personal information of employees of HP Group was stolen ', or: ' Leaking information about nuclear power plants ' . announced, but Perhaps few people suspect that the cause is largely due to viruses and 'worms' of this type.
With the general principle of taking advantage of the loopholes of users when using tools to manipulate the Internet (surfing the web, email, instant messaging software - IM), taking advantage of the address book and the trust of friends for for victims . to spread on a large scale by installing a hidden program (can be called 'Spyware') on infected computers. After succeeding, the network of these computers will be controlled by the evil player without the owner's knowledge. The story can then take place in the following scenarios:
1. Information theft: Spyware can open backdoors for hackers to hijack the computer. Any subsequent behavior, from monitoring all owner actions, stealing passwords or personal information, copying information, destroying data or the entire system . to stir up hackers occupying the organization's intranet system . is within reach.
The story will become more serious if the computers belong to the network of business, financial - banking units or state agencies or related to national security; The true owners of those computers will inadvertently become abetters of bad deeds.
2. Attack pedal: Controlled computers can be used to launch DDoS denial-of-service attacks (which have long been "killed" by hackers because of their brutality and despicability. of it) to servers on the Internet by ordering these computers to continuously send hundreds or thousands of requests to the victim.
This both makes those computers significantly reduce performance (slow, sluggish .), costing bandwidth and wasting national Internet resources, and flooding the victim server with requests fake leads to loss of processing ability. Total physical damage to the whole society and the victim is not countable!
In theory, such a secretly controlled network of 30,000 'ma' computers could attack any host system in 10-30 minutes. In fact, worms like Blaster, MyDoom, Sasser, Sobig . in 2003 - 2004 were the horrors of the giant networks of Google, Microsoft, Windows Update . and made the sky secure. those years became very gloomy with losses estimated at 38 billion USD.
Especially serious if such tools are used for unfair competition or defense security violations. Preventing attacks is virtually impossible, and detecting the source of spreading and preventing infection is also extremely difficult because it depends on users' understanding and consciousness.
Experience in the world shows that: it is only possible to prevent by law, using criminal penalties such as crimes which bring about similar consequences to be sufficient to deter. Unfortunately, in Vietnam, there are no sanctions that are strong on this behavior, so the evil guys have a better chance of freedom.
According to the analysis of the recent virus security centers, it is shown that the writer has a level of not high (simply "Vietnameseize" the virus source code that is distributed online) but has been "successful" when taking advantage of YM Chat tool which is very popular and trusted to spread viruses. This is a 'creative' because most users are now conscious of not opening attachments in strange emails.
The precise determination of the dispenser, investigating the profound motives and applying the necessary deterrent measures to model and demonstrate the legal discipline that can reach into the virtual world is a serious and pressing requirement. . And to protect yourself against the dangers online, Internet users should be very careful with the links sent through YM, absolutely do not download if the link leads to files ending in: .exe, .vbs, .pif.