A new hacking tool using the instant-messaging platform Internet Relay Chat (IRC) is rapidly spreading across the Internet and has the potential to shut down Web servers.
Called Voyager Alpha Force, the tool has already been used to infect about 300 computers, according to various reports, but its biggest threat lies in its ability to be used in Distributed Denial of Service (DDoS) attacks, according to security experts.
“It is a malicious program you download from the Internet. It looks like it’s an IRC bot. Though we don’t have any numbers, and I don’t believe the software has yet been used to bring a Web server down, we do know that it’s gone around quite quickly,” said John Safa, chief technical officer at BitArts Ltd., a software security company in the United Kingdom.
Voyager Alpha Force infects computers running Microsoft Corp.’s SQL Server database software, allowing rogue software to be sneaked onto computers. In turn that software could then be instructed to send so many requests to a targeted Web server that it shuts down, Safa said.
“It is really, really difficult to stop it because requests come from thousands of IP addresses, so many that the server is flooded and (you end up) being forced to bring the server down,” Safa said.
“There is a blur going on right now between the hacking and the cracking community and now hacking tools are utilizing virus techniques. They can make it so that people are launching attacks without even knowing it, because the tool is hidden in the software and programs that they always use and trust. I think a lot of DDoS as an issue is getting swept under the carpet,” Safa said.
Though some security experts are recommending that companies and users should protect themselves by changing default passwords and putting their servers behind firewall software to block unauthorized access, Safa believes such precautions are not enough.
“There’s got to be a new approach. Putting servers behind the firewall is not sufficient to protect anyone from an attack because a large enough DDoS can cause the firewall itself to fall over. What we are saying is that protection has to be built into the software. You’ve got to get radical to protect your PC,” Safa said.
Companies should protect all of the programs they are running that could be used to access the Internet, everything from Outlook Express to Photoshop, and lock them down in order to keep them from being tampered with, Safa said.
“It’s fairly easy to do, but it does require a bit of discipline from not only the company but everyone using those programs,” Safa said.