[ISN] Symantec website under DDoS attack
isn at c4i.org
Tue Jul 19 04:48:48 EDT 2005
By Dan Ilett
18 July 2005
An email worm is recruiting computers for a coordinated attack on
antivirus vendor Symantec's website.
Since Friday, email filtering vendor MessageLabs has intercepted
13,717 copies of the worm, dubbed Breatel.A-mm, and has issued a
The worm travels as an email attachment, under the subject lines:
"Message could not be delivered", "Error", or "Mail Delivery System".
If the attached file is opened, the computer connects to a botnet - a
network of thousands of hacker-controlled computers used for illegal
activity - and begins to send data to the Symantec website in the hope
of crashing it.
According to antivirus company F-Secure, the worm attachment contains
a message to Symantec that says: "easy to talk but hard to work :)
what about working in symantec? :P it is not only a mass mail worm it
is also a lsass worm :)"
A Symantec spokesman said that the company's infrastructure was built
to withstand such attacks.
The first copy of the worm was sent from Northern Ireland, MessageLabs
More information about the ISN