Anti-US hacker claims credit for ‘Here you have’ worm

The hacker, known as Iraq Resistance, responded to inquiries sent to an email address associated with the worm, according to US reports.

The hacker said, "The creation of this is just a tool to reach my voice to people maybe... or maybe other things."

The emails contained a link that appeared to lead to a PDF file, but instead directed victims to a malicious .SCR executable file served from a different domain.

This enabled the worm to bypass many security systems that block e-mails with executable files attached. Once activated, the malware disabled security software and sent copies of itself to all the e-mail contacts of the victim, causing an e-mail storm.

The worm accounted for up to 14% of the world's spam for a few hours on Thursday, according to Cisco, clogging email networks mainly in the US.

On Sunday, Iraq Resistance posted a video featuring a computer-generated voice that said the hacker's actions were not as bad as those of Terry Jones, the pastor at a small Florida church who threatened to burn copies of the Koran.

Security experts agree that the worm could have caused more damage, but included only password logging software and a backdoor programme that could have been used to allow its creator to control infected machines.

The worm was quickly shut down when web servers that it used to infect machines and issue new commands were taken offline last week.

This story was first published by Computer Weekly

What’s Hot on Infosecurity Magazine?