War with Iraq will mean virus outbreak, hacker says
Computerworld -
A Malaysian virus writer who is sympathetic to the cause of the al-Qaeda terrorist group and Iraq and who has been connected to at least five other malicious code outbreaks is threatening to release a megavirus if the U.S. launches a military attack against Iraq.
The virus writer, who goes by the handle Melhacker and is believed to have the real name of Vladimor Chamlkovic, is thought to have written or been involved in the development of the VBS.OsamaLaden@mm, Melhack, Kamil, BleBla.J and Nedal worms.
However, in an exclusive interview today with Computerworld, Melhacker confirmed earlier reports by Chantilly, Va.-based iDefense Inc. that he has developed and tested a "three-in-one" megaworm code-named Scezda that combines features from the well-known SirCam, Klez and Nimda worms.
"This is a real Internet computer worm," said Melhacker. "I will attack or launch this worm if America attacks Iraq." The worm has been ready and fully tested in his lab since August, he said. He also confirmed earlier intelligence reports that he has ties to both Russian hackers and Pakistani virus writers.
Brian Kelly, president and CEO of iDefense, said that although Melhacker hasn't proved adept at seeding new worms in the wild, this worm could be difficult to stop. IDefense quietly warned its clients last week about the potential for such a worm to hit the Internet, saying that companies should move to a heightened state of alert and watch for suspicious Internet traffic and e-mails if Iraq is attacked.
"If he were to be successful with this one, it could be very serious," said Kelly. "Although we are aware of his contacts with Russian and Palestinian code-authoring groups, we're not yet sure how strong those relationships are."
Vincent Gullotto, vice president at McAfee Security's Avert, a division of Network Associates Inc. in Santa Clara, Calif., said the threat posed by Scezda is completely dependent on whether or not Melhacker is successful in getting it to propagate.
"If he is, it could be very large," said Gullotto.
But it's difficult to speculate because there have been many such viruses that have gone nowhere, he said. "Until we see the virus moving in the wild, we consider it to be a low risk," Gullotto said.
Melhacker, who has also gone by the name Kamil, may have had some involvement in the September release of the BugBear mass-mailing network attack worm. According to iDefense, Melhacker has close ties to Nur Mohammad Kamil, who identifies himself as part of a group known as "A.Q.T.E. Al-Qaeda Network." Melhacker
Cybercrime/Hacking
Additional Resources



White Papers & Webcasts
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Data in Action: Making the Planet Smarter
Register Now
Email Archiving: A Business-Critical Application
Get this paper now!
Gene Kim's Practical Steps to Achieve and Maintain NERC Compliance
Learn seven steps operators can take to meet IT configuration requirements set forth in the NERC-CIP standards.
The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.
Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!
Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!
The New World of eCrime: Targeted Brand Attacks and How to Combat Them
Download This Whitepaper Now!
Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.

