Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Hostile Trojan Missiles Create Threat

Attention Information Technology editor - for immediate release

A news alert from Content Technologies’ Threat Lab

WELLINGTON, Dec 6: Classic anti-virus solutions are not effective against present and emerging script attacks, such as LOVEBUG and KAKworm, currently the most prevalent viruses in the world.

Trojans such as Qaz, which breached Microsoft’s network in the United States and was the fifth most prevalent virus in September 2000, are dangerous but of more concern is the rise in prominence over the last couple of months of Script-based hostile code.

In a recent survey by the International Computer Security Association (ICSA), 41 per cent of the respondents said LOVEBUG had inflicted a “disaster “ in their networks, shutting down servers and costing companies on average $NZ 285,000 based on lost productivity and related issues.

The Threat Lab team from Content Technologies, the leading developer of e-mail and Internet content security and policy management solutions, has analysed the shape of present and emerging script attacks.

“Our research shows that the continued effectiveness of classic signature-based scanning anti-virus techniques will be greatly challenged by recent developments, both in the availability of tools for the unskilled 'script-kiddies'; and in the use of encryption,” says Alyn Hockey, Director of Research for Content Technologies.

“A good way to illustrate this is the development of Godmessage.html. Having studied the progress of KAKworm and BubbleBoy, we envisage that if the development of GodMessage.html continues at its current pace, it will soon be able to replicate and morph in such away as to present the AV industry with some interesting challenges.”

Currently Godmessage can be compared to a directed missile, which can be used to target a victim by e-mail for some nefarious purpose. Traditional AV solutions are able after a time to develop a viral pattern to protect the user.

“However, if Godmessage takes on worm capability - which we expect it to do – these individual attacks will multiply into a missile attack of differing payloads,” Mr Hockey said.

“Classic signature-based scanning anti-virus solutions will not be able to cope with the variants and the speed with which they appear. Potentially this leaves thousands of organisations and end-users exposed.”.


If you would like to know more, Content Technologies’ Threat Lab team have developed the following news bulletins on script-based hostile code, including:

HTML Signature Attacks, including an overview of KAKworm

Trojan within Trojan Attacks, including an overview of GodMessage

Protection from Script Attacks, including a free script checking tool from Content Technologies

About Content Technologies’ ThreatLab:

The main activities of the Content Technologies’ Threat Lab are to monitor current and incipient security issues, investigate novel threats and develop proactive strategies and defence mechanisms.

This was demonstrated with ThreatLab’s approach to LOVEBUG and its variants. The team developed a generic solution, rather than building countless patterns to protect customers.

Content Technologies’ customers have been protected from the LOVEBUG and its variants since May 5 with a single generic fix - an intelligent keyword search profile that detects if an attachment contains suspicious VBScript commands. The suspect message can be quarantined or deleted at the gateway, depending on the organisation’s content security policy.

MIMEsweeper can even check the object regardless of how many file extensions it is buried under and irrespective of the message or filename.

To keep abreast of the latest threats and how to use MIMEsweeper to stop them, subscribe to the threat lab newsletter at


© Scoop Media

Business Headlines | Sci-Tech Headlines


Voluntary Administration: Renaissance Brewing Up For Sale

Renaissance Brewing, the first local company to raise capital through equity crowdfunding, is up for sale after cash flow woes and product management issues led to the appointment of voluntary administrators. More>>


Approval: Northern Corridor Decision Released

The approval gives the green light to construction of the last link of Auckland’s Western Ring Route, providing an alternative route from South Auckland to the North Shore. More>>


Media Mega Merger: Full Steam Ahead For Appeal

New Zealand's two largest news publishers have confirmed they are committed to pursuing their appeal against the Commerce Commission's rejection of the proposal to merge their operations. More>>

Crown Accounts: $4.1 Billion Surplus

The New Zealand Government has achieved its third fiscal surplus in a row with the Crown accounts for the year ended 30 June 2017 showing an OBEGAL surplus of $4.1 billion, $2.2 billion stronger than last year, Finance Minister Steven Joyce says. More>>


Mycoplasma Bovis: One New Property Tests Positive

The newly identified property... was already under a Restricted Place notice under the Biosecurity Act. More>>

Accounting Scandal: Suspension Of Fuji Xerox From All-Of-Government Contract

General Manager of New Zealand Government Procurement John Ivil says, “FXNZ has been formally suspended from the Print Technology and Associated Services (PTAS) contract and terminated from the Office Supplies contract.” More>>