Windows Sasser worm mutates, knocks out banks, EC; Macintosh unaffected

Security experts are analyzing the worm to determine where Windows worm Sasser might hit next.

“‘We don’t know yet, for example, if it attacks machines running on Windows XP Embedded, which runs ATM machines and cash registers. That would be disastrous for banks and retailers,’ said Raimund Genes, European president of security software firm Trend Micro,” Bernhard Warner reports for Reuters.

“In the space of three days, four variants have emerged, each capable of causing machines that run on Microsoft’s Windows operating systems XP, NT and 2000 to reboot without warning and knocking out some computer reservation systems. Victims include Goldman Sachs, Australia’s Westpac Bank and Finnish financial company Sampo. It has also hit about 300,000 computers at Germany’s Deutsche Post,” Warner reports.

“Staff were temporarily unable to issue cash over the counter as a result, German media reported, while a European Commission spokesman said Sasser hit 1,200 PCs Monday. ‘We had big problems yesterday,’ the EC spokesman said,” Warner reports. Full article here.

BBC News reports, “Taiwan’s national post office said 1,600 of its machines were hit by the virus which forced more than 400 of its 1200 branch offices to revert to pen and paper. The disruption left customers queuing in long lines at many of the company’s offices, according to television reports. Two Hong Kong government departments and some hospitals on the island were hit by the virus. In Australia Railcorp trains were halted apparently because a virus disrupted the radio systems and stopped drivers talking to signalmen. Also in Australia Westpac Bank staff were forced to use manual methods to record transactions as the virus made computers unusable. Two other banks reported infections. Finnish bancassurer Sampo said it had temporarily closed all its 130 branch offices as a precaution against Sasser. US airline Delta would not comment on reports that the virus caused disruption to its schedule.”

MacDailyNews Take: Computers running Apple’s Mac OS X are not affected by the Sasser worm. More information about how easy it is to add a Mac OS X machine to your computing arsenal here.

54 Comments

  1. If a badly written worm can infect that many computers, what will happen when a well written worm designed for destruction of computers spreads? Undoubtedly, some people will point out stories that they are not infected, thus, however much destruction this worm costs has no bearing on their pocket. Maybe that is the case, but any company will be wise to consider the potential high costs of worms/viruses can inflict and the high cost to hire people to maintain the integrity of their network security. Above all, the cost may not be monetary, e.g. trust. If a bank goes down because of a worm, will the customers trust it to put theirm money in there? Also, for most non-technical people, security problems may cost something other than money, directly. Some may lose unsaved work, some may lose private info, etc.. While the true TCO is known after the computer purchase and maintenance, an undoubtedly varies from instances to instances, it is wise to consider potential costs and damages and the potential advantages when choosing a platform

  2. Service Pack 2 will be as effective as Patch 237456328, Patch 3365452c, Patch 339856hhdv.a and Critical Security Update 2212548754 – USELESS!

    You can’t build a house on quicksand.

    As for Longhorn, I think it will go the way of OS/2.

  3. artiom: you may download Windows virus kits off the web. Only requirement is often just having a basic understanding of the english language. An average 13 years old can launch a virus on the wild.

    To write a virus for BSDUnix requires so much deep knowledge that I do not see possible for such a guru Unix professional to be unemployed or have anything to prove by writing a virus for the platform.

    In addition to that, I have a little analogy as well: cracking into Windows requires the skill of petty thieves who operate with a brik to do smash&grab; kind of theft. Even if they know – and they do know – where to find the main branch of the Bank they do not have the skills to break into those (which are not anyway 100% sure but way above their skills). Hence they stick with what they know: smash (Windows) and grab what the can. Pun intended.

  4. When will a virus be made available for MacOSX? I want to see how OS X handles the infection and how easy it’ll be to get rid of the bug.

    MS is a very very sick OS, all these antibiotics (fixes & patches) are going to kill it in the long run. You just can’t cure someone �chronically� ill with antibiotics. Don’t fool yourself.

  5. And if one ask “what are those Unix gurus doing” the answer is easy. They are for the most involved into OpenSource activities and are the primary sources of Security Patches of Unix tools which – if you pay attention – are essentially all that you find on *Apple* security updates: they are nothing more than security updates to Unix OpenSource tools.

  6. Interesting would it be a good idea for apple to release the actual operating system so that dell, hp, ibm could sell it with their computers. Maybe apple will loose money on the actal hardwear but they would probably make more by selling it to othe computer companies.

  7. Boeing777: I am not adamant that OS X will not see a virus ever, I am pretty sure that day will come as it has come in Linux but there is one BIG difference with Windows.

    Windows OS installation are the copy-cat of all others. A Windows PC in the US is configured as one in Taiwan or in UK or in Italy. That is the reason why you see worldwide spread so easily. Smash one Windows and you are certain all other Windows will break with the same brick.

    Now, a typical Unix platform is NOT the copycat of the next one. Same for OS X. Does the user have Unix tools installed? is using postfix, sendmail, ssh, apache, etc.

    Breacking into one does not ensure world-wide spread. If tomorrow one comes and find an exploit on uuid who tells you the guy next door has that running or even installed. Does the grandma on her OS X vanilla installation cares if a crack on postfix allows the virus to send itself around? Nope, she does not even knom it exist or how to enable it.

    If you do not get world-wide spread as in Windows it is not a virus, it is a joke, at most a nuisance for the small percentage of platform that happend to be configured so that the exploit is truly exploitable.

  8. artiom: Darwin (the bulk and guts of OS X) is OpenSource. Anyone can dowload it. So much so for the security by obscurity. It is available to anyone who likes to see the source code and yet in three years no one came out with a virus (mainly for the reasons I outlined above)

  9. mind, although Darwin is OpenSource, OS X is not. Apple will not release OS X for x86 in that it would lose market share.

    Apple has 100% market share: if you want to run OS X or Apple apps you have to buy a Mac. Not so if OS X could run on a $400 PC. THEN, market share would matter for Apple and its ~5% or less would really hurt. As it is now they are only so affected by that. For as long as they have developers for OS X – and they grow in number with time – they can laugh at all analysts whining their market share is declining so Apple will die soon. They laugh because their market share is actually 100% and firmly so.

  10. what do you mean that apple share is 100%?
    another thing if apple will not sell and windows will then, no metter how good is apple, it will go out of business.
    apple really should work on epanding there market and getting developers to wrie even more programs and the main attraction games.

  11. artiom, are you Rob Enderlie in disguise? He is the one who wants to turn Apple into a software company. You are so obviously trying not to look like a writer, with your poor grammar, punctuation and spelling that I think you must be one. An annalist in disguise, trying to promote his pet theories. Come clean you bastard.

  12. learn russian you thick twat lets see your grammer than, and then we will be able to talk about Rob Enderlie and what ever you sas after bla bla bla bla bla bla bla bla bla

  13. artiom: can you run Keynote on PC? Nope. Only one brand of computers runs Keynote: a Mac with OS X. No competition. When there is no competition you have by default 100% of the market.

    If you want to enjoy OS X Apple knows you cannot ask HP or Dell for a model of PC where to run it. You HAVE to buy Apple, hence they have effectively 100% of the market.

    You buy a computer to run software on it. If you want to run <name average Windows application> you may choose among hundreds of computer makers. Usually the uninformed goes with the majority and asks which is the most sold PC and ends up with a Dell or an HP.

    This does not happen with Apple. There is only one brand and if you ask around where to run FinalCut Express the answer is only one: Apple. 100% of the market.

  14. artiom: Apple IS expanding. 5% more Apple computers sold wrt last year. Cannot care less of competition for as long as the software it runs only runs on Apple. And now, with OS X, not only Apple sw but also all Unix and Linux sw is available. People have not yet realized what Apple has done with OS X.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.