Among the latest is the Bozori worm, which attempts to eliminate infections by earlier versions of Zotob, so it can take control of a compromised computer for itself, according to several security firms.
Variants from both the IRC Bot and Bozori families that exploit the same Microsoft (MS05-039) Plug-and-Play vulnerability, are now busy deleting competing PnP bots, according to Finish security outfit F-Secure.
''It seems there are two groups that are fighting: IRCBot and Bozori vs. Zotobs and the other Bots,'' warns the F-Secure's security team on its Web site. The group said there are 11 different types of malware in the wild exploiting the vulnerability.
F-Secure gave the virus a level 2 risk assessment, its second-highest threat level.
The Zotob virus, which surfaced earlier this month after Microsoft warned of the security flaw, has already hit media outlets including ABC, CNN, The Associated Press and The New York Times, among others. Microsoft issued a patch earlier this month as part of its monthly patch process, however the bug has been hitting networks not properly protected.
In response to the fast-moving virus, Microsoft has made a no-cost, software-based cleaner tool available that customers can use to automatically remove the Zotob worm and its variants from infected PCs after deploying the security update.
''We are not aware at this time of a new attack, but are releasing this free tool to help any customers that may have been affected,'' the software maker said in a statement.
Vinny Gullotto, a vice president at McAfee AVERT, said the fast-spreading worms capable of launching Denial-of-Service attacks warranted a high-risk assessment because of several factors. Most notably, they are spreading without any human interaction action.
This article was first published on internetnews.com. To read the full article, click here.
Loading Comments...