Agent.BTZ

Agent.BTZ, also named Autorun,[1][2] is a Computer worm which was used as a Spyware in the 2008 cyberattack on United States. It's a variant of the SillyFDC worm.[3]

Not to be confused with Agent.AWF, which is a Trojan infecting Windows and Android systems.

Technical description

The worm itself is a DLL file, written in Assembler (x86-32 bit).[4] It spreads by creating an AUTORUN.INF file to the root of each drive with the DLL file.[5]

History

As the malware, on an infected computer, is able to infect any plugged-in USB flash drive, the US military banned the use of USB and removable media devices in 2008.[6]

Attribution

An article[7] in the Los Angeles Times reported that US defense officials described the malicious software as "apparently designed specifically to target military networks." It's "thought to be from inside Russia", although it was not clear "whether the destructive program was created by an individual hacker or whether the Russian government may have had some involvement."

According to an article[8] in The Economist, "it is not clear that agent.btz was designed specifically to target military networks, or indeed that it comes from either Russia or China."

In 2010, American journalist Noah Shachtman wrote an article[9] to investigate the theory that the worm was written by a single hacker.

However, analyses[10] by Kaspersky Lab found relations to other spyware:

References

  1. http://blog.threatexpert.com/2008/11/agentbtz-threat-that-hit-pentagon.html
  2. http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=149448
  3. http://www.brookings.edu/research/opinions/2010/08/25-pentagon-worm-shachtman
  4. http://www.pandasecurity.com/usa/homeusers/security-info/114229/information/Agent.BTZ
  5. https://www.f-secure.com/v-descs/worm_w32_agent_btz.shtml
  6. http://www.theregister.co.uk/2008/11/20/us_army_usb_ban/
  7. http://articles.latimes.com/2008/nov/28/nation/na-cyberattack28
  8. http://www.economist.com/node/12725712
  9. http://www.brookings.edu/research/opinions/2010/08/25-pentagon-worm-shachtman
  10. https://securelist.com/blog/virus-watch/58551/agent-btz-a-source-of-inspiration/
This article is issued from Wikipedia - version of the Wednesday, May 04, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.