LITTLE ROCK (AP) — The appearance in a state computer of files containing texts and images that apparently originated with the terrorist group al-Qaeda prompted the federal Homeland Security Department to wonder about the security of other state computers.
Gary Underwood, chief security officer for the state computer network, said that after a check this week of the state's computer system's servers, it seems the terrorist-related files were an isolated incident.
"I think we're fine," Underwood said Thursday. "We've had more than 30 responses and haven't found anyone who has suspicious files."
Underwood said his office sent an e-mail asking all the state agencies whether they've experienced problems.
'Atak' worm variant linked to al-Qaida sympathizer
Last modified: July 16, 2004, 10:55 AM PDT
By Munir Kotadia
Special to CNET News.com
A second variant of the Atak worm, which goes to sleep to avoid detection by
antivirus software, has been linked to an al-Qaida sympathizer who once
threatened to release a powerful worm if the United States attacked Iraq.
Romanian antivirus company Bitdefender claims the worm's author has signed
his nickname into an encrypted part of the worm's code.
Mihai Radu, communications manager at BitDefender, said the virus,
discovered Friday, is signed by Melhacker, which is the moniker of a
Malaysian-based coder called Vladimor Chamlkovic, who in 2002 threatened to
release an "uber-worm" if the United States attacked Iraq.
Mikko Hypponen, director of antivirus research at Finnish company F-Secure,
said it is possible that Melhacker wrote Atak.B but that doesn't mean it has
anything to do with al-Qaida.
"I think there's no proof anywhere that Melhacker is in any way associated
with al-Qaida. He might want to be, though," said Hypponen.
According to Radu, Atak.B is a mass-mailing worm that tries to turn off the
most popular antivirus and firewall applications and then open a back door
to give control of the system to the author. Like its predecessor, the worm
attempts to avoid being detected by antivirus researchers by going to sleep
when scanned.
Hypponen said Melhacker has released several viruses, including Nedal
("Laden," as in Osama bin Laden, backward) and Blebla. In a 2002 interview
with U.S.-based Computerworld Magazine, Melhacker said he had combined the
worst of the Nimda, Klez and SirCam viruses to create a superworm called
Scezda. At the time, he said the worm was written and ready to be released,
but so far it has not materialized.
Munir Kotadia of ZDNet UK reported from London.
BUMP!!!!