War with Iraq will mean virus outbreak, hacker says

Dan Verton   Today’s Top Stories    or  Other Cybercrime and Hacking Stories  

Avoiding the Latest Phishing Attacks Customer Satisfaction with Email Archiving Systems Intercept Spam & Viruses Discover the Secret to Secure Remote Access: GoToMyPC Corporate Security White Paper Sign up to receive Security Resource Alerts

November 20, 2002 (Computerworld) -- A Malaysian virus writer who is sympathetic to the cause of the al-Qaeda terrorist group and Iraq and who has been connected to at least five other malicious code outbreaks is threatening to release a megavirus if the U.S. launches a military attack against Iraq.
The virus writer, who goes by the handle Melhacker and is believed to have the real name of Vladimor Chamlkovic, is thought to have written or been involved in the development of the VBS.OsamaLaden@mm, Melhack, Kamil, BleBla.J and Nedal worms.
However, in an exclusive interview today with Computerworld, Melhacker confirmed earlier reports by Chantilly, Va.-based iDefense Inc. that he has developed and tested a "three-in-one" megaworm code-named Scezda that combines features from the well-known SirCam, Klez and Nimda worms.
"This is a real Internet computer worm," said Melhacker. "I will attack or launch this worm if America attacks Iraq." The worm has been ready and fully tested in his lab since August, he said. He also confirmed earlier intelligence reports that he has ties to both Russian hackers and Pakistani virus writers.
Brian Kelly, president and CEO of iDefense, said that although Melhacker hasn't proved adept at seeding new worms in the wild, this worm could be difficult to stop. IDefense quietly warned its clients last week about the potential for such a worm to hit the Internet, saying that companies should move to a heightened state of alert and watch for suspicious Internet traffic and e-mails if Iraq is attacked.
"If he were to be successful with this one, it could be very serious," said Kelly. "Although we are aware of his contacts with Russian and Palestinian code-authoring groups, we're not yet sure how strong those relationships are."
Vincent Gullotto, vice president at McAfee Security's Avert, a division of Network Associates Inc. in Santa Clara, Calif., said the threat posed by Scezda is completely dependent on whether or not Melhacker is successful in getting it to propagate.
"If he is, it could be very large," said Gullotto.
But it's difficult to speculate because there have been many such viruses that have gone nowhere, he said. "Until we see the virus moving in the wild, we consider it to be a low risk," Gullotto said.
Melhacker, who has also gone by the name Kamil, may have had some involvement in the September release of the BugBear mass-mailing network attack worm. According to iDefense, Melhacker has close ties to Nur Mohammad Kamil, who identifies himself as part of a group known as "A.Q.T.E. Al-Qaeda Network." Melhacker has also associated himself with the al-Qaeda network for a long period and has been an active Malaysian malicious coder threat for at least six years.
At least one of these worms, the Nedal worm (the name is Laden spelled backward) contained encrypted code, according to analysis conducted by iDefense. When decrypted, the code was shown to contain numerous Arabic names of unknown significance, as well as references to al-Qaeda.
In the case of the VBS.OsamaLaden@mm worm, the code leaves a message that refers to the Sept. 11 terrorist attacks and then attempts to shut down a user's system and delete all files in the Windows System directory.
The continuing development of malicious code from pro-Islamic and pro-al-Qaeda hackers, especially in Malaysia, is of great concern and one that needs to be closely watched, according to an intelligence bulletin released last week by iDefense.
"While it might be true that al-Qaeda operatives are not well organized, skilled or equipped to mount a serious cyberoffensive, it is likely that al-Qaeda sympathizers will serve as surrogates in their cyberoffensive," said Kelly.

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

"A couple of weeks ago at..." Read more... "Most security companies tend to take a horizontal approach looking to capitalize on the finance, service provider, and federal government..." Read more... Read more Security posts or See all Blogs

Elgan: You can be Batman, too Study: IT jobs will drop in 2009 RIM fixes critical BlackBerry Enterprise Server bug More top stories...

Apple's recall demand would probably kill Psystar, says IP attorney DNS flaw discoverer says more permanent fixes will be needed AT&T muffs free iPhone Wi-Fi offer again

11 cool new apps for the iPhone With the opening of Apple's App Store, the iPhone takes a revolutionary leap from cool mobile phone to hot mobile platform. See our list of apps you should definitely check out for yourself. Google is doing WHAT? Its motto is "Don't be evil" — but it looks like anything and everything else imaginable is pretty much fair game — not to mention some wildly rumored projects that we asked the company to confirm or deny. The new face of R&D: What's cooking at IBM, HP and Microsoft The talk at three big research houses is all about "open innovation." Is that a feel-good catchphrase or the R&D strategy of the future? Review: The iPhone 3G was worth the wait After months of waiting for a 3G-based iPhone — and hours waiting in line to actually buy one — Ryan Faas says it "packs quite a punch, both in its design and in the 3G and GPS capabilities" it offers. Windows Vista A to Z Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS. More Continuing Coverage After 9/11: Homeland SecurityAsk a Premier 100 IT LeaderBlackBerry Legal BattleData Security BreachesElectronic VotingFirefoxH-1B VisasHP's Boardroom ScandalHandheld DevicesHurricane Katrina AftermathMicrosoft Legal IssuesMicrosoft's VistaOpen SourceRFID TechnologySCO's Linux FightSarbanes-Oxley ActSpamVoice Over IPWi-FiWindows Meta File VulnerabilityWindows XP Service Pack 3 IT Careers 2010 Four years from now, the IT field will be a vastly different place. Will you be ready? More Special Reports Premier 100 IT Leaders 2007 Best in Class2006 Computerworld Horizon Awards2006 Premier 100 IT Leaders2006 Salary Survey2007 Best Places to Work in IT2007 IT Forecast2007 Premier 100 IT Leaders40 Years of ComputerworldASPs, Take TwoBest Places to Work in IT 2003Best Places to Work in IT 2004Best Places to Work in IT 2005Best Places to Work in IT 2006Business Intelligence Home RunsBusiness Intelligence: Smarter BIBusiness Intelligence: The Future of BICRM Goes VerticalCRM: Sober CRMCareer Planning Guide 2005Careers: IT Profession 2010Computerworld Horizon Awards 2005Data Management: Mining for GemsData Management: Taming Data ChaosDevelopment: Hard-Workin' Web SitesDevelopment: New Tools New ChoicesDevelopment: The New World of Application DevelopmentDevelopment: The Web Services TsunamiDevelopment: Web Services HurdlesDisaster Recovery: Preparing for the WorstE-commerce Grows UpE-mail/Groupware: Big DecisionsFaces of Mobile ITForecast 2006Global MobileHardware: Multiple Cores, Multiple ChallengesHardware: On-Demand Un-HypedHardware: The Shape of Things to ComeHorizon Awards: 10 Cool Cutting Edge TechnologiesIT Management: Guide to Managing VendorsIT Management: Navigating Global ITIT Management: Recovery AheadIT Management: The Future of ITIT Management: The Resourceful Project ManagerInnovative Technology Awards 2004Management: Reinventing ITMicrosoft in TransitionMobile/Wireless Leaders and LaggardsMobile/Wireless: The Untethered WorkerMobile/Wireless: Tiny Gadgets, Huge CostsNetwork Management: Taking ControlNetworking: Turbulence Ahead!Networking: VoIP Goes MainstreamOperating Systems: In the Slow LaneOperating Systems: Linux Goes GlobalOperating Systems: Should You Nix Unix?Outsourcing: Offshore Buyer's GuideOutsourcing: Outsourcing DangersPremier 100 IT Leaders 2004 Best in ClassPremier 100 IT Leaders 2005 Best in ClassROI: Do the Math!Salary Survey 2003Salary Survey 2004Salary Survey 2005Security Action PlanSecurity: Compliance HeadachesSecurity: Proactive SecuritySecurity: Risk and RewardSecurity: Tips From Security ProsSouped-up SecurityStorage: Battling ComplexityStorage: Cheap & Secure Data StoresStorage: Stretching Your Storage DollarsStorage: The Lean Storage MachineStorage: The New Rules of StorageStorage: The Ultimate Backup GuideSupply Chain: Missing LinksSupply Chain: RFID Reality CheckThe Business of SecurityWeb 2.0 SecurityWireless: Wireless At Work All Zones Application Performance Zone Business Continuity Zone Data Center Management Zone Enterprise-Class Security Zone The File Data Management Zone Grid Computing on Windows Zone Security Management Zone ITIL Best Practices Zone The SAS Zone Storage Virtualization Zone Business Intelligence and Analytics Zone See your link here

Why SaaS is Vital to Email and Web Security Why SaaS is Vital to Email and Web Security Download this webcast, free, compilments of Webroot Software Go to the webcast  Computerworld Executive Bulletin: Building a Robust Antivirus Defense Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs. (Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more. Download this executive briefing  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. New Fujitsu High-End Itanium Windows- and Linux-Based PRIMEQUEST Servers Offer the Utmost in High Availability New Fujitsu High-End Itanium-Based PRIMEQUEST Servers Offer Industry-Leading System Management for Linux and Windows Web Security SaaS: The Next Generation of Web Security View more whitepapers  How to Offer the Strongest SSL Encryption Get this white paper now! (Source: Verisign) Learn all the facts about guaranteeing maximum SSL strength to every Web site visitor, regardless of browser type or operating system. Stronger encryption levels keep your business safe from online threats and allow your customers to feel safe transacting on your site. Download this white paper

• Elgan: You can be Batman, too
• Study: IT jobs will drop in 2009
• RIM fixes critical BlackBerry Enterprise Server bug
• More top stories 

Security Management Zone Security management is the process of developing a comprehensive data protection plan. It takes into account all potential threats, the existing network environment, the future needs of the organization, and lays out a multi-tiered blueprint to integrate the security technology needed to combat these threats. CDW can help keep your network and data secure. Visit the CDW Security Management Zone now See All Zones

In Security Stripping away the trappings of applications, systems and networks, information is the core asset of most organizations. Our columnist describes how asserting the importance of information governance is crucial to making that asset tangible, addressable and protected. Click here to read the latest column by Jon Espenschied

Protecting Exchange While it was once just a convenient way for employees to communicate internally, today e-mail systems like Exchange are tightly integrated with other business applications and are one of the primary methods for communicating with current and prospective customers. Protecting Exchange against costly downtime has become a top priority for more IT departments. So how do you ensure that your Exchange environment is always protected? Download this white paper now!

The Spy Files For Congress to do anything that helps protect consumers and the critical Internet infrastructure as a whole, it must pass laws that require proactive processes to protect computers, not that tell people how to deal with the resulting mess, says Ira Winkler. Click here to read the latest column by Ira Winkler