Return-Path: <sentto-279987-1523-996671996-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Wed, 01 Aug 2001 06:22:08 -0700 (PDT) Received: (qmail 5644 invoked by uid 510); 1 Aug 2001 12:23:34 -0000 Received: from n30.groups.yahoo.com (216.115.96.80) by 204.181.12.215 with SMTP; 1 Aug 2001 12:23:34 -0000 X-eGroups-Return: sentto-279987-1523-996671996-fc=all.net@returns.onelist.com Received: from [10.1.4.53] by ho.egroups.com with NNFMP; 01 Aug 2001 13:21:11 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_2_0); 1 Aug 2001 13:19:56 -0000 Received: (qmail 9774 invoked from network); 1 Aug 2001 13:14:41 -0000 Received: from unknown (10.1.10.142) by l7.egroups.com with QMQP; 1 Aug 2001 13:14:41 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 1 Aug 2001 13:14:41 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id GAA25077 for iwar@onelist.com; Wed, 1 Aug 2001 06:14:40 -0700 Message-Id: <200108011314.GAA25077@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 1 Aug 2001 06:14:38 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] China Skeptical Code Red PC Worm of Chinese Origin Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit JUL 31, 2001 China Skeptical Code Red PC Worm of Chinese Origin By REUTERS Filed at 8:27 a.m. ET BEIJING (Reuters) - A Chinese network safety official said on Tuesday the fast-spreading ``Code Red'' Internet worm, which disrupted U.S. government Web sites last week, was probably not made in China, despite Web site defacings that said ``Hacked by Chinese.'' The Code Red worm, which U.S. officials said was likely to reemerge at 8 p.m. EDT Tuesday and wreak havoc on the Net, had surfaced little in China and appeared too sophisticated to be the work of Chinese hackers, the official said. ``I've never heard of anything so powerful in China. This is not something that an ordinary person has the skill to create,'' said the expert at the State Office of Network and Information Safety who gave his surname as Fang. Ronald Dick, director of the FBI's National Infrastructure Protection Center (NIPC), said the worm had infected more than 250,000 computer systems on July 19, a day of heavy attacks. Computer Associates International Inc (news/quote) (CA.N) said in a statement the worm had already affected 300,000 systems worldwide. NO CHINA IMPACT Hundreds of U.S. Web firms got a taste of Chinese patriotic vandalism when a hacker war flared between Americans and Chinese after an April 1 collision between a U.S. spyplane and a Chinese fighter. In last week's Code Red hits, some U.S. government sites showed the message ``Hacked by Chinese,'' using a popular term for illegally breaking into a computer system. But the virus had virtually no impact in China, according to the government-run Computer Virus Treatment Center in Tianjin, 60 miles east of Beijing. ``We haven't received any calls about it,'' said Liang Hong, a spokeswoman for the center. The worm installs itself on servers, then slows government and other Web sites with a blitz of download requests. Because it spreads uncontrollably after being transmitted, the worm would have surfaced more in China if it had been created by a Chinese person, said a technical support manager at Beijing Rising Technology Corp Ltd, a virus protection company. ``The virus has had more of an effect in Europe and the United States,'' said the manager, who asked not to be identified. Two of the three known variants of the Code Red worm, named after a caffeine drink favored by computer programmers, showed no obvious vandalism or Chinese characteristics. But an unrelated e-mail virus named W32.Sircam that surfaced earlier this month was spreading in China. Liang said the center had been told of at least 20 confirmed cases of the file-deleting virus, which security experts in the United States had said earlier in July spread to 50 countries. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Small business owners... Tell us what you think! http://us.click.yahoo.com/vO1FAB/txzCAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:38 PDT