A hacker has duped the moderator of the Bugtraq information security mailing list, which has 85,000 members, into distributing code that launched a denial of service attack against security vendor Network Associates (NAI).
An anonymous posting sent to the Bugtraq list overnight appeared to be a new script that can be used to exploit vulnerabilities discovered earlier this week in BIND (Berkeley Internet Name Domain), the software that runs much of the internet's domain naming system.
However, if a user downloaded the script to their computer and ran it, a data string within the code would launch a denial of service attack against NAI.
Bugtraq contributor Matt Lewis raised the alarm. "The Bind 8 Exploit sent to Bugtraq users by '[email protected]' is a trojan, as I'm sure many have found out at this point," he said in a posting to the mailing list.
"You can see the IP address for dns1.nai.com listed in the shell code included with the file. It forks off many copies of itself and violently attacks NAI's nameserver. How did this get approved? Did anyone test it or review it?" he added.
Chris McNab, network security analyst at security consultancy MIS, who came across the code on the BugTraq list last night, said: "We were testing it, and realised it is actually a clever trojan. It looks like an exploit script, but once it is downloaded and compiled, it sends off evil packets of data to NAI in a denial of service each time it is run."
McNab estimated that up to 25 or 30 per cent of Bugtraq's 85,000 readers may have tested the exploit and thus triggered a denial of service attack against NAI's website.
However, NAI said that despite the attack, their website remained intact. Douglas Hurd, business development manager for security products at the company, said: "Our website and internet connection were attacked, but no penetration took place and nothing died or went down. It could have affected availability but I haven't heard that it did. It was a denial of service attack similar to those which hit websites like Yahoo last year."
"We detected the attack as it happened and were able to contain it within 90 minutes. We have good defences, the ability to detect attacks and could execute a pre-determined response," he added.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago