ISS customers targeted in worm attack

A malicious worm is targeting customers of IT security firm Internet Security Systems (ISS).

The worm, Witty.A, exploits a hole in the firm's firewall products, such as RealSecure and BlackICE, and, experts report, is similar to the Blaster virus, which caused millions of dollars worth of damage last year.

The worm is designed to spread by itself without traveling via emails or attachments. It has the potential to delete and overwrite random sectors of hard drives.

ISS responded to the threat by issuing a patch and issued a statement on its website that read: "The Witty worm uses hard-coded addresses and only has the ability to infect certain builds of the Protocol Analysis Module (PAM). The Witty worm is destructive to the target system, and overwrites key hard disk sectors after sending out its payload. The junk data written to disk may impact system stability and cause a 'blue screen' to occur upon reboot."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.