Sun worms causing problems

Verisign's iDefense service has issued an alert about two worms causing problems for Sun operating system users.

The first worm is Solaris - named after the operating system, apparently - which affects both Intel x86 and SPARC-based platforms of Sun's operating systems.

According to iDefense, the worm spreads over Solaris telnet version 10.x. External facing telnet services on vulnerable platforms are, thankfully, believed to be limited.

The second worm is Storm, which iDefense has been updated since it appeared last year. The worm, the firm says, is a continuing work in progress, and is now posting hostile links to forums.

According to Ken Dunham, iDefense's director of the rapid response team, the Storm worm is notable, since it installs multiple files, including a new Trojan that injects malicious links into Vbulletin and phpBB forums.

"Storm reveals how aggressive and advanced malicious code attacks are today, utilising a convergence of technologies and techniques for maximum financial gain," he explained.

Dunham warned that Mespam, the Trojan installed by Storm, installs as a DLL to manipulate the TCP/IP traffic on a compromised computer.

This newer technique, he says, may prove to be a significant threat vector if leveraged to other popular online mediums in the future, such as community and video sharing sites.

Interesting stuff. I don't know what Sun would have to say about this latest set of Sun operating system malware, especially when it said last year that the platform was relatively fee of security problems.

If Sun said it, then it must be true, mustn't it?...