Malware Responsible for DDoS Attacks Deletes Data on Ho

[reghakr]

July 9 & 10, 2009)

The malware behind the distributed denial-of-service (DDoS) attacks that
hit sites in South Korea and the US also includes instructions to delete
data on the PCs it has infected starting on July 10, 2009, so the
computers used in the attacks are at risk as well. The code is designed
to copy files with about 30 different common extensions into encrypted
files, then overwrite the originals. It will also modify Master Boot
Records on infected machines. The attacks' sophistication increased
over the several days it was targeting the sites. The malware is known
as W32.Dozer.

More Info........
http://www.techweb.com/article/showArticle?articleID=218401559&section=News
http://voices.washingtonpost.com/securityfix/2009/07/pcs_used_in_korean_ddos_attack.html

 

[Aheaton]

July 9 & 10, 2009)

The malware behind the distributed denial-of-service (DDoS) attacks that
hit sites in South Korea and the US also includes instructions to delete
data on the PCs it has infected starting on July 10, 2009, so the
computers used in the attacks are at risk as well. The code is designed
to copy files with about 30 different common extensions into encrypted
files, then overwrite the originals. It will also modify Master Boot
Records on infected machines. The attacks' sophistication increased
over the several days it was targeting the sites. The malware is known
as W32.Dozer.

More Info........
http://www.techweb.com/article/showArticle?articleID=218401559&section=News
http://voices.washingtonpost.com/securityfix/2009/07/pcs_used_in_korean_ddos_attack.html

There seems to be alot of DDOS attacks going around recently. Bellsouth Telecomm has recently been hit with several DDOS attacks causing some of our clients such as "Brookstone", and "Rue21" to loose Wan connectivity and Credit Authorization.