Rinbot Worm Strikes To Infect CNN Network

A worm has struck Turner Broadcasting System, the owner of CNN. It would have been possible to detect the worm had the company updated its anti-virus program.

The worm infects by exploiting known security holes in Windows software. It also spreads through vulnerability in Symantec's anti-virus application that the security company has fixed.

According to senior technology consultant at Sophos, Graham Cluley's statement to vnunet.com, CNN alone can tell what exactly went wrong in its organization.

Symantec's Web site posted that the Rinbot worm makes way for a back door in the infected network and communicates with an IRC server, enabling an attacker to commandeer the server.

The first appearance of Rinbot was reported in March 2005. However, the IT security company had the knowledge of several new editions of this virus since February 15, CNN quoted Graham Cluley, senior technology consultant with Boston-based anti-virus company Sophos.

Sophos believes that the latest problem is the virus' 7th version; Cluley said in a statement that Mathaba News Network published on March 3, 2007. This version exploits security flaws residing in anti-virus applications. A hacker disgruntled with Symantec could possibly be the reason for the new destructive problem.

Sophos explains hackers most often act with financial motives. They take advantage of security flaws to infect others' computers. In this backdrop security companies need to roll out patches as early as possible.

Although Symantec produced a patch for the security hole in its software in 2006, some businesses find it difficult to stay updated with patches and deploy them on all the PCs across their networks.

An IT specialist with Symantec, Thomas Parsons told CNNMoney.com that the latest variants of Rinbot have made Symantec's anti-virus products their targets. Parsons said they were not sure of the hacker's motivation but knew that the hacker added his own commands to the malware. Using those codes the hacker tried to indicate that he was unhappy with Symantec dubbing the virus as Rinbot.

In 2005 another known flaw hit CNN when the Zotob worm spread in its system and infected the network. CNN reported the breach on air for all its viewers.

Related article: Rinbot, an On and Off Threat

» SPAMfighter News - 3/15/2007