German gov't group warns of Y2K attacks

A German government organisation responsible for IT security is warning users that computer viruses, Trojan horses and dangerous e-mails are on the rise as 2000 approaches.

A German government organisation responsible for IT security is warning users that computer viruses, Trojan horses and dangerous e-mails are on the rise as 2000 approaches.

The end of the year always provides a good excuse for malicious parties to send out programs with damaging functions, the Bundesamt für Sicherheit in der Informationstechnik, (BSI), said in a statement yesterday.

"In the cold, dark part of the year, malicious programmers have more time to program," said Frank Felzmann, a security expert with the BSI, today.

In particular, BSI is warning users against opening electronic Christmas cards sent as e-mail attachments, which often hide malicious programs that do their damage unseen. Hackers have easy access to special programs that enable them to attach viruses to harmless e-mail attachments, Felzmann said.

Also back in circulation this holiday season is Happy99, Felzmann said, delivered via an attachment with a fireworks display. The virus sends copies of itself to the same newsgroups and e-mail addresses that an infected user is sending to.

Other malicious programs are sent under the pretext of making a home computer year-2000 compatible, BSI said.

One such program is Y2KCount, a Trojan horse disguised as a Y2K tool from Microsoft C that installs itself in computers with Windows 95 and 98 operating systems, and then monitors the user's Internet usage. A Trojan horse enters a computer unseen, but, unlike a computer virus it cannot spread itself.

Another, more dangerous virus is Fix2001, BSI said. Fix2001 is an Internet worm disguised as a year 2000 tool that can, under certain conditions, destroy the hard drive of the computer it inhabits. A worm is a kind of virus that "worms" its way into a part of your computer where it can do major harm.

Before running any Y2K fix program, users should carefully check their source, BSI said.

The BSI also warns against falsified e-mails using the millennium changeover as an excuse to obtain sensitive information about the user. Posing as an ISP, senders of these e-mails ask users to surrender access data, or bank and credit card information. A number of such e-mails have been sent under the ruse that if the receiver doesn't send the information, he or she will experience Y2K-related computer problems and lose their Internet access, BSI said.

Viruses spread via e-mail attachments have become increasingly common this year, according to security experts. According to a survey carried out by the International Computer Security Association (ICSA), 56 percent of infections this year were attributed to e-mail attachments compared to 32 percent last year.

BSI can be reached at http://www.bsi.de/.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments
[]