Patch/Configuration Management, Vulnerability Management

Expert: Mainstream media Rinbot reports overblown

Security experts said today that a CNNMoney report on the latest strain of the Rinbot worm overhyped the destructive power of the malware.

The report came on the back of an infection of the network belonging to CNN’s parent company, Time Warner. The CNN article reported that “the latest strains of the insidious Rinbot computer virus could hijack network systems of businesses worldwide.”

But Ken Dunham, director of the Rapid Response Team for VeriSign iDefense, said that Rinbot is “just one of thousands of bots crawling the internet today.”

“This doesn’t even hardly show up on the radar screen,” Dunham told SCMagazine.com.

According to the CNN report, the latest variant of Rinbot targets anti-virus programs from companies such as Symantec.

"Traditionally, hackers always went after Microsoft's anti-virus programs. But now they're increasingly targeting other commonly used programs, such as Symantec programs and others," Graham Cluley, senior technology consultant with Sophos, told CNN.

While Symantec confirmed to CNN that code in the latest strain of Rinbot indicated a targeted attack, it said that its Security Response team rates the virus risk as "low."

"In order to close off the vulnerability itself, a patch was made available to customers in May 2006,” a Symantec spokesperson said in a statement later in the day. "Customers who have followed intelligent patching practices should not be affected by the new variant.”

To further protect customers, today Symantec also released certified definitions containing detection for the latest strain of the worm, W32.Rinbot.L.

Dunham agreed with Symantec’s assessment of the severity of Rinbot. He said that iDefense has seen zero reports of this newest strain of the worm.

Click here to email West Coast Bureau Chief Ericka Chickowski.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.