SubSeven hacking tool in hundreds of computers

NEWS The Trojan horse programme is being distributed across internet relay chat (IRC) channels masked with file names such as SexxxyMovie.mpeg.exe. According to security experts at Internet Security Systems (ISS), hackers could be setting the 800 infected PCs to launch a distributed denial-of-service (DDoS) attack, similar to those, which brought down CNN.com, Yahoo! and Amazon in February. Gunter Ollmann, principal consultant at ISS, said SubSeven has been known about for some time, but hackers are now developing and refreshing the programme. "SubSeven is designed to allow programmers to package up backdoor tool to their own special flavour," he said. Once a PC is infected it allows the hacker access to all admin controls and files on the machine. According to ISS, most of the affected machines are home computers on high-speed cable modem or DSL connections. "This tool specifically targets Windows 95 and Windows 98," said Ollmann. "Windows is not designed to be a secure environment so even with personal firewalls home users are not going to get particularly good protection." ISS is attempting to contact all infected users.