A hacker has duped the moderator of the Bugtraq information security mailing list, which has 85,000 members, into distributing code that launched a denial of service attack against security vendor Network Associates (NAI).
An anonymous posting sent to the Bugtraq list overnight appeared to be a new script that can be used to exploit vulnerabilities discovered earlier this week in BIND (Berkeley Internet Name Domain), the software that runs much of the internet's domain naming system.
However, if a user downloaded the script to their computer and ran it, a data string within the code would launch a denial of service attack against NAI.
Bugtraq contributor Matt Lewis raised the alarm. "The Bind 8 Exploit sent to Bugtraq users by '[email protected]' is a trojan, as I'm sure many have found out at this point," he said in a posting to the mailing list.
"You can see the IP address for dns1.nai.com listed in the shell code included with the file. It forks off many copies of itself and violently attacks NAI's nameserver. How did this get approved? Did anyone test it or review it?" he added.
Chris McNab, network security analyst at security consultancy MIS, who came across the code on the BugTraq list last night, said: "We were testing it, and realised it is actually a clever trojan. It looks like an exploit script, but once it is downloaded and compiled, it sends off evil packets of data to NAI in a denial of service each time it is run."
McNab estimated that up to 25 or 30 per cent of Bugtraq's 85,000 readers may have tested the exploit and thus triggered a denial of service attack against NAI's website.
However, NAI said that despite the attack, their website remained intact. Douglas Hurd, business development manager for security products at the company, said: "Our website and internet connection were attacked, but no penetration took place and nothing died or went down. It could have affected availability but I haven't heard that it did. It was a denial of service attack similar to those which hit websites like Yahoo last year."
"We detected the attack as it happened and were able to contain it within 90 minutes. We have good defences, the ability to detect attacks and could execute a pre-determined response," he added.
Could be used for everything from search-and-rescue robots to wearable tech
Don't require the rare material being mined from the mountains of South America
IBM hopes that its new tool will avoid bias in artificial intelligence
Found by calculating the strength of the material deep inside the crust of neutron stars