New denial-of-service hack tool runs on Windows

Hackers have released new tools that could make attacks like those that temporarily shut down popular Web sites such as eBay and Amazon.com earlier this month even easier, a computer security firm warned yesterday.

The new tools could misuse Microsoft Corp.'s Windows NT, 95, 98 and 2000-based systems to launch a massive amount of data that would overwhelm a Web site, David Perry, a spokesman for antivirus software vendor Trend Micro Inc., said in a phone interview. Trend has posted more information about the tool on its Web site.

Two weeks ago, several Web sites were briefly closed down due to continuous streams of data being launched from computers running on Sun Microsystems Inc.'s Solaris operating systems, Perry said. The use of the Solaris Unix operating system required some expertise to initiate, while knowledge of the Windows operating systems family is widespread, he explained.

"The only difference from the tools used (two weeks ago) and those released this week is that someone now has taken an agent and made it work on Windows," Perry said. "But the Windows-based machines are an order of magnitude easier to use than the others."

No attacks from Windows-based machines have been reported since the new tools were posted on an Internet bulletin board Saturday night, Perry said.

In the so-called denial-of-service attacks two weeks ago, bits of data were distributed to a multitude of computers around the world. These data "sleepers" were then simultaneously sent to networks, overwhelming them.

The hackers who posted the latest tools Saturday are seemingly not connected to those who engineered the recent attack, Perry said. "There's an army of teen-agers out there in the hacker world," he said.

The FBI is continuing its investigation into the recent attacks, which are believed to originate from networks that include the University of California at Santa Barbara and Stanford University. Market research company The Yankee Group estimated the attacks have cost the information technology industry upwards of $1.2 billion.

Microsoft monitored the attacks and has updated its security apparatus, said Microsoft spokesman Adam Sohn yesterday in a phone interview.

IT professionals configuring networks can get advice on security maintenance by going to Microsoft's security Web site and reading a bulletin titled "Security Considerations for Network Attacks," Sohn said.

Trend Micro, headquartered in Tokyo, has its North American headquarters in Cupertino, Calif.

Related stories:

Copyright © 2000 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon