Google
Web pcflank.com
PC Flank Logo
 Make sure
you're protected
on all sides
 Test Your System
 About PC Flank's tests
 PC Flank Leaktest NEW!
 Quick Test
 Stealth Test
 Browser Test
 Trojans Test
 Advanced Port Scanner
 Exploits Test
 Ask the experts
 Leak Tests Catalog NEW!
 FAQ
 Glossary
 Community
 Forum
 Security Center
 Software Store
 Books Store
 Articles Library
 Software Reviews
 Interviews

 

Tip of the day
If you find a Trojan on your system, change all your passwords immediately.
Security News

Who keeps the flag flying?

March 12, 2004

Two new NetSky worms appeared on the Internet yesterday, despite a promise by their author to refrain from releasing any more versions.

As we all remember, the latest version of NetSky worm carried a message, according to which it was to be the last. Netsky-K (aka Netsky-J) was little different from the earlier versions we've seen over the last month. Once again, the worm contained insults against the authors of the Bagle worm, continuing the flame war among virus writers that has raged in Internet since last week plus the code designed to remove Bagle from infected PCs.

A little time after there was a message from the unknown authors of the worm promising to end the NetSky onslaught. The exactly message read "We want to destroy malware writers business, including MyDoom and Bagle... This is the last version of our antivirus. The source code is available soon."

Everybody - from ordinary users to security analysts and antivirus firms have waited for the authors to live up their words, but today two new versions of this worm have been spotted in the wild. Like previous versions, they spread by email in an attachment, but it contain a number of significant differences from its predecessors.

Netsky-L contains no mention of 'Skynet', does not try and disinfect the Bagle worm, and contains no hidden text slagging off Bagle's author. It could be the NetSky author is just playing games and hasn't quit at all, or that he rele4ased the virus blueprints and somebody else has started to release new versions of the worm.

"Obviously, virus writers cannot be trusted- what might appear as a cat-and-mouse game between virus writing groups may actually be a well-organized cover-up to disguise their true intentions", said Steven Sundermeier from AV firm Central Command.

So, everybody has got nothing to do, but to keep wondering whether the NetSky author has quit the game, or he's just tries to disguise himself, or there's something else. Wonder and wait until Internet becomes safer and free of this malicious email scam again.

Security analysts rate NetSky-L, which is spreading slowly, as low risk. NetSky-M is even rarer. Previous versions of the worm - in particular NetSky-D - remain a far more potent threat.

  Discuss this article on the Forum

 
 
Start Page
Make "PC Flank" your   
Start Page!   
Make

 
In the Spotlight
» One man's job

» Outpost Firewall Pro Review

   
 

 
Sponsored links


   
 
Related Links
» Another
Internet cloggier
under way

» Nachi raises
from dead
to undo damages
caused by MyDoom

   
 

 
   
Outpost Firewall PRO 3.0 - complete protection on the Internet!

Secure Internet surfing with Oupost personal firewall with antispyware and free firewall available for download at www.agnitum.com. 		 
Privacy Policy
    Advertiser Info		 Site Map
    Contact Us

 
 
© 2006 PC Flank Ltd. All rights reserved.