New Computer Virus Causes Havoc
by Tom Ellerby
A powerful new computer virus was today causing havoc with e-mail systems across the world.
Experts described the virus, called Goner, as one of the fastest-spreading they had yet seen and warned computer users to immediately delete it if they received it.
Alex Shipp, spokesman for anti-virus service MessageLabs, said: “It’s spreading with tremendous speed and thousands of users in Britain have already been sent it.
“The virus mass mails itself out through e-mail and attempts to destroy anti-virus software on computers, which could prove extremely problematic for those unfortunate enough to receive it.”
The infected e-mail has the word “Hi” as its subject and body text which reads “When I saw this screen saver, I immediately thought about you. I am in a harry (sic), I promise you will love it.” Its attachment is labelled “gone.scr.”
It was first detected this morning in the US but experts believe it was created in Europe.
The US, the UK and France are the worst hit of the 17 countries affected so far.
Mr Shipp said: “We had a handful of reports this morning but at mid-afternoon in the UK it went mad. We have had about 30,000 reports and the figure is rising.”
A criminal investigation has now been launched in an effort to track down the person responsible for the virus.
Previous viruses, such as Love Bug, Code Red and the Nimda Worm caused problems for millions of computer users across the world.
Flaws in a BT Home Hub set-up are being blamed for helping facilitate a VoIP scam.
El Reg reader Keith Harbridge, an independent IT consultant, said his client, a firm of solicitors, is just one of number of companies stung by the scam, which occurred in early March.
Independent security consultants at Pen Test Partners confirmed a security issue in BT’s Home Hub setup, but argued the telco’s kit (which is not really designed for small businesses) was only partially to blame.
This type of fraud involves crooks hacking into a VoIP system before selling on the illicit access they’ve obtained.
BT finally responded to repeated requests for comment on the non-blocking of hacker traffic which lies at the heart of the problem, and supplied the following statement to El Reg on Wednesday morning:
BT has investigated similar issues and concluded that there is no fault with the way BT’s Consumer Home Hubs operate to allow VoIP calls over the internet.
It’s inappropriate to connect an IP PBX to the internet without taking additional steps to secure it.
If a customer does choose to set up their own IP PBX they must ensure that it is configured securely so they do not leave themselves exposed to potentially fraudulent behaviour.
The vast majority of BT customers would never use an IP PBX in this way, so there is very little risk that other customers would experience the same issue.
This issue has been a topic of complaints on its forums before, as well as coverage in this esteemed journal.
Harbridge was brought into the issue after his client asked him to investigate a reported intrusion into its IP PBX. “The company had reported to me that overnight its phone providers (BT and Voipfone) had called them to report an unusual call pattern to several European countries and had suspended services on their line,” he explained.
It quickly emerged that the IP PBX had been set up on the same subnet as the computer network, ostensibly so the IP PBX could set up an IP trunk to Voipfone. Harbridge declined to name the communications firm who set up the system, an entity that he doesn’t blame for the resulting mess.
“It did what it was told to do and while it’s a dubious design decision not to keep the phones and the computer network on separate subnets, I can see why he or she did it, given the requirements from the client,” Harbridge told El Reg.
“Ultimately, it made sure that the BT Home Hub security settings were set as high as they could be, and the firewall was turned on and set to block external connections. All SIP [Session Initiation Protocol] accounts had 256-bit passwords, and I am sure he/she was under the impression that the firewall on the Home Hub would stop all forms of outside access, and wasn’t to know that there was a built-in weakness,” he said.
TalkTalk, Sky and CityFibre have confirmed that a 1Gbps Ultra Fibre Optic (UFO) network is to be rolled out across the whole of York.
The move comes after a trial carried out in York earlier this year, which covered almost 14,000 properties, yielded very strong results.
More than 2,400 customers have signed up to the service with TalkTalk and Sky since the start of 2016.
The technology will now be deployed on a much larger scale across the city, with the network set to reach a further 40,000 homes over the next 18 months.
Richard Sinclair, General Manager Ultrafast for TalkTalk, commented: “We are very pleased with the success of UFO in York so far.
“Our customers are amazed at what they can do with their ultrafast connections – streaming HD TV without buffering, playing games in real time with people on the other side of the world, or simply enabling every member of the family to be online at the same time.”
Dido Harding, TalkTalk’s Chief Executive, added that the work being carried out in York is a clear demonstration of its commitment to playing “our part in securing connectivity for everyone”.
“I have long been convinced that we need to be more ambitious when it comes to the UK’s digital economy, and upgrade our broadband infrastructure once and for all,” she said.
The move has been hailed by Digital and Culture Minister Matt Hancock, who said the extension of full fibre gigabit speeds in York is “exactly the kind of thing we want to see industry delivering across the UK”.
He stressed that the government is working to support full fibre rollout by removing barriers and offering incentives that will help Britain cement its role as a digital leader, as well as get the “very best broadband to families and business”.
As part of this commitment, the government has already pledged to implement a new broadband Universal Service Obligation (USO) that ensures everyone in Britain has a legal right to request minimum speeds of 10Mbps by 2020.
Microsoft makes emergency security fix
10th May 2017