Security Researchers Feverishly Track New TrojanSecurity Researchers Feverishly Track New Trojan

The threat throws off lots of noise and seems to be mapping the Internet.

George V. Hulme, Contributor

June 19, 2003

2 Min Read
information logo in a gray background | information

There's a new security threat out on the Internet, but it's not clear how much of a threat it really is. Security researchers at Internet Security Systems say they've captured the code for a sneaky new Trojan application that has installed itself on an unknown number of Internet-connected servers and is attempting to scan and map networks connected to the Internet and send that information back to its controller.

Dan Ingevaldson, team leader for Internet Security Systems' X-Force R&D unit, says researchers are studying the Trojan--currently dubbed 55808 for its Windows size--which has been causing confusion for about a month in security circles. Security experts managed to capture their first copy of the Trojan on Wednesday, and they're still working to determine exactly what the Trojan is trying to accomplish.

One thing is clear: Trojan 55808 is sneakier than previous Trojan horses. It doesn't self-propagate, like a virus or a worm, and requires the attacker to plant it on systems. But it does transmit a lot of network noise designed to throw off cybersleuths attempting to find the IP addresses of infected systems, as well as the address of the Trojan's writer or controller.

"For each machine that is infected, it will throw off 1,000 fake or spoofed IP addresses," Ingevaldson says.

Furthermore, the Trojan is part of a distributed network that security researchers have yet to completely understand. "All of these [Trojan] agents, or zombies, are working together," Ingevaldson says, "though there isn't a direct communication channel. Someone is trying to map Internet-connected networks."

The Trojan currently attacks Linux-based systems, Ingevaldson says, but it could easily be ported to other operating-system platforms. Many businesses use Linux as the operating system for their Web servers.

So far, it hasn't been possible to determine the number of infected systems, says Ingevaldson, who adds that the Trojan could be an experiment. Says Ingevaldson, "It seems to be a platform to technically see if this widespread network mapping can be done."

Read more about:

20032003

About the Author

George V. Hulme

George V. Hulme

Contributor

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at information.com.

See more from George V. Hulme
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

A group of smiling college graduates celebrating their graduation.
IT Leadership
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era
Why Liberal Arts Grads Could Be the Best Programmers of the AI Era

Jan 17, 2025

Flame front of the Eaton Fire on the first night during the January 2025 California wildfires in Altadena and Los Angeles
IT Sectors
How Tech Supports the Emergency Response to the LA County Wildfires
How Tech Supports the Emergency Response to the LA County Wildfires

Jan 16, 2025

Graphic Pop Art style Illustration of Keanu Reeves as NEO from the film, The Matrix
IT Infrastructure
Y2K and Infrastructure Resilience 25 Years Later
Y2K and Infrastructure Resilience 25 Years Later

Jan 7, 2025

Young businessman working on a virtual screen of the future and sees the inscription: Now hiring
IT Leadership
Help Wanted: IT Hiring Trends in 2025
Help Wanted: IT Hiring Trends in 2025

Nov 20, 2024

Cobol programming language software development concept on vitual screen.
IT Leadership
Untangling Enterprise Reliance on Legacy Systems
Untangling Enterprise Reliance on Legacy Systems

Jan 21, 2025

Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports